We have performed a penetration testing on one of our moodle installations and the penetration testing flag an error on the session.
Aplication does not properly set security and privacy related flags for the following cookies:
- MoodleSession (Some attributes are set twice)