CVE-2022-42975
Phoenix prior to 1.6.14 contains a vulnerability in socket/transport.ex where check_origin wildcarding is mishandled. LiveView applications are unaffected by default because of the LiveView CSRF token. Affected versions: Phoenix before 1.6.14. Remediation: upgrade to Phoenix 1.6.14 or later or re...