5 matches found
CVE-2021-37866
Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization...
CVE-2021-37866 Session is not invalidated on server-side when user logged out of Boards
Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization...
CVE-2021-37866
Mattermost Boards plugin (v0.10.0 and earlier) does not invalidate server-side sessions on user logout, allowing reuse of the old session token for authorization. Documented as CVE-2021-37866 with multiple references (NVD, CVE lists, and country/NVD mirrors). Relevant impact details indicate netw...
CVE-2021-37866 Session is not invalidated on server-side when user logged out of Boards
Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization...
CVE-2022-22122
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This candidate is a reservation duplicate of CVE-2021-37866. Notes: All CVE users should reference CVE-2021-37866 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...