CVE-2025-4754

Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex. This issue affects ash_authentication_phoenix until 2.10.0.

Credits

James Harton
Zach Daniel
Mike Buhot
Jonatan Männchen
Josh Price

References