2 matches found
CVE-2022-44017
An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session management, an attacker can log back into a victim's account after the victim logged out - /LMS/LM/main can be used for this. This is due to the credentials not being cleaned from the local storage after...
CVE-2022-44017
CVE-2022-44017 affects Simmeth Lieferantenmanager versions prior to 5.6. The issue arises from session-management flaws where credentials remain in local storage after logout, enabling an attacker to re-access a victim’s account via /LMS/LM/#main after logout. Public sources assign a CVSSv3.1 bas...