RSS   Podatności dla 'POW'   RSS

2020-01-09
 
CVE-2020-5205

CWE-384
 

 
In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability.

 

 >>> Vendor: Powauth 2 Produkty
Powassent
POW


Copyright 2024, cxsecurity.com

 

Back to Top