Vulnerabilities > Expo > Expo Software Development KIT > 46.0.0

DATE CVE VULNERABILITY TITLE RISK
2023-04-24 CVE-2023-28131 Insufficiently Protected Credentials vulnerability in Expo Software Development KIT 45.0.0/46.0.0/47.0.0
A vulnerability in the expo.io framework allows an attacker to take over accounts and steal credentials on an application/website that configured the "Expo AuthSession Redirect Proxy" for social sign-in.
network
low complexity
expo CWE-522
critical
 9.6
9.6