3 matches found
CVE-2021-3311
An issue was discovered in October through build 471. It reactivates an old session ID which had been invalid after a logout once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an...
Authentication flaw
An issue was discovered in October through build 471. It reactivates an old session ID which had been invalid after a logout once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an...
Octobercms Code Issues Vulnerabilities
Octobercms is a Php based Cms website builder from Octobercms, Inc. A security vulnerability exists in Octobercms through build 471, which stems from the fact that it reactivates old session IDs when a new login occurs...