6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.0%
An issue exists in PHP-Fusion 9.03.50 where session cookies are not deleted once a user logs out, allowing for an attacker to perform a session replay attack and impersonate the victim user.
github.com/PHPFusion/PHPFusion/issues/2314