2 matches found
CVE-2023-47640
creationtimestamp| type| source ---|---|--- 2025-01-07 19:39:32+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/540...
CVE-2023-47640
DataHub (front-end) is affected by CVE-2023-47640 due to insecure use of HMAC-SHA1 for session signing. The Frontend uses Play LegacyCookiesModule with SHA1 signing and a short signing key, enabling brute-force attempts to recover the signing key and escalate privileges via a privileged session c...