4 matches found
CVE-2021-25970
creationtimestamp| type| source ---|---|--- 2021-10-20 16:35:20+00:00| seen| https://t.me/cibsecurity/30896 2025-04-30 16:14:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14085...
CVE-2021-25970 Camaleon CMS - Insufficient Session Expiration after Password Change
Camaleon CMS 0.1.7 to 2.6.0 doesn’t terminate the active session of the users, even after the admin changes the user’s password. A user that was already logged in, will still have access to the application even after the password was changed...
CVE-2021-25970
CVE-2021-25970 : Camaleon CMS (0.1.7–2.6.0) suffers from insufficient session expiration; active sessions aren’t terminated after password changes, allowing logged-in users continued access. Public advisories (GitHub GHSA-438X-2P9V-G8H9, Red Hat RH: CVE-2021-25970) align on the issue and confirm ...
CVE-2021-25970 Camaleon CMS - Insufficient Session Expiration after Password Change
Camaleon CMS 0.1.7 to 2.6.0 doesn’t terminate the active session of the users, even after the admin changes the user’s password. A user that was already logged in, will still have access to the application even after the password was changed...