CVE-2023-47628
CVE-2023-47628 describes a session-management flaw in DataHub Frontend where Play Framework default settings create a stateless cookie without expiration. The root cause is a cookie policy that does not set an expiration time, compounded by use of LegacyCookiesModule, making a leaked session cook...