aiohttp-session Session Fixation vulnerability
The pypi package aiohttp-session before 2.4.0 contained a Session Fixation vulnerability in loadsession function for RedisStorage that can result in Session Hijacking. This attack appear to be exploitable via Any method that allows setting session cookies ?session=, or meta tags or script tags wi...