Skip to content

Exclude attacker-planted-cookie attacks from the threat model #1314

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lovasoa merged 1 commit into from
Jun 10, 2026
+7 −0
Merged

Exclude attacker-planted-cookie attacks from the threat model #1314

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions SECURITY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,13 @@ SQLPage vulnerabilities:
needs.
- A SQLPage application is publicly reachable because no authentication was
configured.
- An attacker can plant or overwrite cookies for the SQLPage origin (for
example through a compromised subdomain, a sibling application on a shared
parent domain, or a man-in-the-middle on plain HTTP). Attacks that depend on
injecting attacker-chosen cookies into the victim's browser, such as OIDC
login CSRF or session fixation via a forged login-flow-state cookie, are out
of scope. SQLPage assumes its origin's cookie jar is writable only by the
user agent, not by attackers.
- Trusted SQL asks SQLPage or the database to perform expensive work.

These may still be serious and should be fixed in the affected application,
Expand Down
Loading