Cookie Security Demo - DFL-027-25

This application has insecure cookie flags and a reflected XSS vulnerability.

Vulnerabilities

• Session cookie is not HttpOnly - accessible via JavaScript
• Session cookie is not Secure - sent over HTTP
• Reflected XSS in /search endpoint

Endpoints

• POST /api/register - Register a user (JSON: username, password)
• POST /api/login - Login and get session cookie (JSON: username, password)
• GET /search?q=X - Search (reflected XSS)
• GET /log?c=X - Log exfiltrated data
• GET /api/logs - View logged data
• GET /admin/flag - Get flag (requires admin session)
• GET /simulate-admin-visit?url=X - Simulate admin visiting a URL with their session cookie

Search

Login