Astra Linux – Vulnerability in Ceph
A flaw was discovered in Red Hat Ceph Storage 4, within the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for documentation purposes, which again exposes them to...