Lucene search
K

5 matches found

NVD
NVD
added 2022/01/18 5:15 p.m.14 views

CVE-2021-37866

Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization...

7.5CVSS0.00723EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/01/18 4:52 p.m.13 views

CVE-2021-37866 Session is not invalidated on server-side when user logged out of Boards

Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization...

4.7CVSS4.8AI score0.00723EPSS
Exploits1References2
CVE
CVE
added 2022/01/18 4:52 p.m.56 views

CVE-2021-37866

Mattermost Boards plugin (v0.10.0 and earlier) does not invalidate server-side sessions on user logout, allowing reuse of the old session token for authorization. Documented as CVE-2021-37866 with multiple references (NVD, CVE lists, and country/NVD mirrors). Relevant impact details indicate netw...

7.5CVSS5.8AI score0.00723EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/01/18 4:52 p.m.10 views

CVE-2021-37866 Session is not invalidated on server-side when user logged out of Boards

Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization...

4.7CVSS7.7AI score0.00723EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/01/13 5:15 p.m.10 views

CVE-2022-22122

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This candidate is a reservation duplicate of CVE-2021-37866. Notes: All CVE users should reference CVE-2021-37866 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

7.5CVSS7.1AI score0.00723EPSS
Exploits1References1
Rows per page
Query Builder