CVE-2015-3207 Information

Description

In Openshift Origin 3 the cookies being set in console have no ‘secure’ ‘HttpOnly’ attributes.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=1221882 https://github.com/openshift/origin/pull/2261 https://github.com/openshift/origin/pull/2291