1 matches found
Session Fixation
clearance is vulnerable to session fixation attacks. These attacks are possible because the CSRF token is not rotated on sign in...