3 matches found
CVE-2022-2306
Old session tokens can be used to authenticate to the application and send authenticated requests...
CVE-2022-2306 Insufficient Session Expiration in heroiclabs/nakama
Old session tokens can be used to authenticate to the application and send authenticated requests...
CVE-2022-2306
CVE-2022-2306 affects heroiclabs/nakama: old session tokens can be used to authenticate to the application, indicating insecure session expiration where logout does not invalidate tokens. The root cause described across connected sources is improper session handling allowing reuse of previously i...