Lucene search
+L

4 matches found

Circl
Circl
added 2021/10/20 4:35 p.m.6 views

CVE-2021-25970

creationtimestamp| type| source ---|---|--- 2021-10-20 16:35:20+00:00| seen| https://t.me/cibsecurity/30896 2025-04-30 16:14:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14085...

8.8CVSS8.1AI score0.01265EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/10/20 11:55 a.m.31 views

CVE-2021-25970 Camaleon CMS - Insufficient Session Expiration after Password Change

Camaleon CMS 0.1.7 to 2.6.0 doesn’t terminate the active session of the users, even after the admin changes the user’s password. A user that was already logged in, will still have access to the application even after the password was changed...

8.8CVSS9AI score0.01265EPSS
Exploits0References2
CVE
CVE
added 2021/10/20 11:55 a.m.63 views

CVE-2021-25970

CVE-2021-25970 : Camaleon CMS (0.1.7–2.6.0) suffers from insufficient session expiration; active sessions aren’t terminated after password changes, allowing logged-in users continued access. Public advisories (GitHub GHSA-438X-2P9V-G8H9, Red Hat RH: CVE-2021-25970) align on the issue and confirm ...

8.8CVSS8.7AI score0.01265EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/10/20 11:55 a.m.6 views

CVE-2021-25970 Camaleon CMS - Insufficient Session Expiration after Password Change

Camaleon CMS 0.1.7 to 2.6.0 doesn’t terminate the active session of the users, even after the admin changes the user’s password. A user that was already logged in, will still have access to the application even after the password was changed...

8.8CVSS6.9AI score0.01265EPSS
Exploits0References2
Rows per page
Query Builder