2 matches found
CVE-2021-29624
fastify-csrf is an open-source plugin that helps developers protect their Fastify server against CSRF attacks. Versions of fastify-csrf prior to 3.1.0 have a "double submit" mechanism using cookies with an application deployed across multiple subdomains, e.g. "heroku"-style platform as a service...
From Django SECRET_KEY to code execution - vulnerability warning - the black bar safety net
A recent code review found that, in some products, the JS code on the login page leaked the SECRET_KEY, whose value was used as the salt for password encryption. Exposing the encryption salt is bad in itself; more importantly, it poses a serious threat to Django's security. 0x01 The role of SECRET_KEY: in Django, SECRET_KEY is used...