1 matches found
Improper Session Management
sorcery uses an improper session management. The vulnerability allows brute force attack to be carried out on the password authentication since the expired protection is not re-enabled after the first lockout period...