6.9 Medium
AI Score
Confidence
Low
0.013 Low
EPSS
Percentile
86.2%
The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does not properly delete user login cookies, which allows remote attackers to gain access via cookie reuse.
info.tikiwiki.org/article86-Tiki-Announces-3-5-and-4-2-Releases
secunia.com/advisories/38896
tikiwiki.svn.sourceforge.net/viewvc/tikiwiki?view=rev&revision=25046
www.securityfocus.com/bid/38608
exchange.xforce.ibmcloud.com/vulnerabilities/56770