Mojolicious
1 CVEs
product
Monthly
Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Information Disclosure
Mojolicious
Suse
NVD
GitHub
CVSS 3.1
8.1
EPSS
0.3%
EPSS 0%
CVSS 8.1
HIGH
POC
PATCH
This Week
Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Information Disclosure
Mojolicious
Suse
NVD
GitHub