Follow

"django-two-factor-auth versions 1.11 and before store the user's password in clear text in the user session (base64-encoded)."

github.com/advisories/GHSA-vhr

Sign in to participate in the conversation
Social feed

This is a personal and private instance.