V14 - Config Missing Secure or HTTPOnly Cookie FlagPOC Intercept the HTTP request Observe that the Set-Cookie is missing the 'Secure' or/and 'HttpOnly' flags. Impact Very LowLikelihood Very Low