CVE-2020-24876
CVE-2020-24876 affects Pancake prior to version 4.13.29, where a hard-coded cryptographic key can be used to forge session cookies. According to multiple sources (NVD entry and Red Hat advisory), this enables remote privilege escalation by forging authenticated sessions. The vulnerability stems f...