When I scan my Frontend Page with “Qualys API SCAN” software that is intended to find vulnerabilities, it lands on AUTH0 authentification page. And it finds 2 problems with the cookies:
Cookie Does Not Contain The “secure” Attribute
Cookie Does Not Contain The “HTTPOnly” Attribute”
Example of such a cookie: com.auth0.auth.ugKuorXXXXX…
Is this normal or it is a security problem for the cookies don’t have those attributes?