VYPR

Pow

by Danschultzer

hex: pow

CVEs (1)

  • CVE-2020-5205Jan 9, 2020
    risk 0.00cvss epss 0.01

    In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this…