When we done some security pen-testing of open-source sonarqube 7.9.2 community edition installed on our project application, we got Duplicate cookies set in sonarqube URL endpoint(/sonarqube/quality_gates/show/), The response contains two or more Set-Cookie headers that attempt to set the same cookie
to different values. Browsers will only accept one of these values, typically the value in the last header.
The presence of the duplicate headers may indicate a programming error.
As you can see in this screenshot:
I believe this is a low level severity bug but if you can provide us some fix on it would appreciate it?