Dear, I have a query, my server Orion tells me that I have these security problems, someone has had these problems could tell me how to solve them a little more specifically
Non-Secure Session Cookies Identified
The website software running on this server appears to be setting session cookies without the Secure flag set over HTTPS connections. This means the session identifier information in these cookies would be transmitted even over unencrypted HTTP connections, which might make them susceptible to interception and tampering.
Contact the vendor of this web application and request the Secure flag be set on session cookies transmitted over HTTPS.
SSL Certificate is Self-Signed
This SSL certificate appears to be issued by a private Certificate Authority (CA). Users will likely receive a security warning if their client software (e.g., web browser) does not trust the issuer of the certificate.
If this certificate is associated with a service accessible to the general public, you may want to consider acquiring a certificate from a well-known CA. Please note the port associated with this finding. This finding may NOT be originating from port 443, which is what most online testing tools check by default.
jQuery Core rquickExpr variable with Cross-Site Scripting Vulnerability
jQuery is vulnerable to Cross-site Scripting (XSS) attacks because the Query() function does not differentiate selectors from HTML in a reliable way. In vulnerable versions, jQuery determines if the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility to build a malicious payload.
Upgrade jQuery to version 1.9.0 or higher. This includes versions of jQuery used on the root domain, subdomain, or imported/sourced libraries.
Upgrade jQuery to version 3.0.0 or higher. This includes versions of jQuery used on the root domain, subdomain, or imported/sourced libraries.