In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade aiohttp
to version 0.22.0 or higher.
Affected versions of this package are vulnerable to Information Exposure when ClientSession
leaks cookies across different hostnames. Exploiting this vulnerability can lead to sensitive data disclosure.
Note Even when using a separate session for each hostname-specific request, the session cookies are sent across HTTP 3xx redirects.