You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
backend/src/auth sets the refresh token cookie without the HttpOnly flag, making it accessible via JavaScript. XSS vulnerability — must set HttpOnly=true.
backend/src/auth sets the refresh token cookie without the HttpOnly flag, making it accessible via JavaScript. XSS vulnerability — must set HttpOnly=true.