dubbo-admin icon indicating copy to clipboard operation
dubbo-admin copied to clipboard
verified publisher icon apache

[Security] Console cookie security problem

Open robocanic opened this issue 2 months ago • 0 comments

Environment

  • Deploy env: all
  • Dubbo application version: all
  • Registry: all

Issue description

Here are the security issues find by white hat hackers

  1. Pprof is opened to 0.0.0.0
  2. Login information is written in cookie, and token is hard coded
  3. Cookie is not secureonlyu

Logs

Click me to check logs 
Copy logs to here.

robocanic avatar Oct 19 '25 06:10 robocanic