CVE-2020-15105
Django Two-Factor Authentication (django-two-factor-auth) vulnerability CVE-2020-15105 affects versions up to 1.11. It stores the user’s password in clear text (base64-encoded) in the user session after the user submits credentials, until authentication completes via a 2FA code. Depending on sess...