/vulndb/Cookies Scoped to Parent Domain

A cookie scoped to the parent domain will be available to all subdomains therefore increasing the chance of leakage. This may occur when the information is transmitted unencrypted or when a XSS vulnerability affected a subdomain is in place.

Solution

Explicitly declare the domain and/or path fields of the affected cookies.

References

http://en.wikipedia.org/wiki/HTTP_cookie#Domain_and_Path