If the Quarkus Form Authentication session cookie Path attribute is set to `/` then a cross-site attack may be initiated which might lead to the Information Disclosure. This attack can be prevented with the Quarkus CSRF Prevention feature.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| io.quarkus:quarkus-vertx-http(Maven) | 0 | 2.13.7.Final | N/A |
CVSS Metrics
