CVE-2022-42975

socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token.
Configurations

Configuration 1

cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*

Information

Published : 2022-10-17 06:15

Updated : 2022-10-20 02:12


NVD link : CVE-2022-42975

Mitre link : CVE-2022-42975

Products Affected