2 matches found
PT-2025-18941 · Unknown +1 · Mojolicious +1
Name of the Vulnerable Software and Affected Versions: Mojolicious versions 7.28 through 9.39 Description: The issue concerns the generation of weak HMAC session secrets in Mojolicious for Perl. When creating a default app, a weak secret is written to the application's configuration file using th...
PT-2025-18947 · Unknown +1 · Mojolicious +1
Name of the Vulnerable Software and Affected Versions: Mojolicious versions 0.999922 through 9.39 Description: The issue concerns the use of a hard-coded string or the application's class name as a HMAC session secret by default in Mojolicious for Perl. This predictable default secret can be...