Lucene search

PRIOn knowledge basePRION:CVE-2023-40174

HistoryAug 18, 2023 - 10:15 p.m.

Session fixation

2023-08-1822:15:00

PRIOn knowledge base

www.prio-n.com

session fixation

web application

security vulnerability

lifecycle management

version 1.0.5

upgrade

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.1%

JSON

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user’s session. Social media skeleton releases prior to 1.0.5 did not properly limit manage user session lifecycles. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this vulnerability.

CPENameOperatorVersion
social-media-skeletonlt1.0.5

CPE	Name	Operator	Version
	social-media-skeleton	lt	1.0.5

References

github.com/fobybus/social-media-skeleton/commit/99738b2cc5efb6a5739161c931daa43f99431e5a

github.com/fobybus/social-media-skeleton/security/advisories/GHSA-cr5c-ggwq-g4hq