Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the WebsocketToken handler and the WebSocket upgrader process. An attacker can access sensitive session state and resource information by obtaining a CSRF token from an unauthenticated...