3 matches found
CVE-2021-25981
creationtimestamp| type| source ---|---|--- 2022-01-03 12:38:20+00:00| seen| https://t.me/cibsecurity/34843...
CVE-2021-25981
In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin’s still-valid session token even when logged-out, to gain admin privileges, given the attack...
CVE-2021-25981
CVE-2021-25981 affects Talkyard. Versions v0.2021.20–v0.2021.33 (regular) and v0.2021.20–v0.2021.34 (dev) are vulnerable to Insufficient Session Expiration. The underlying issue allows an attacker who can obtain a still-valid admin session token (via other, hypothetical attacks) to reuse that tok...