2 matches found
CVE-2025-53895
creationtimestamp| type| source ---|---|--- 2025-07-15 16:50:51+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114858278941700138 2025-09-09 20:51:36+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...
CVE-2025-53895
CVE-2025-53895 affects ZITADEL's session management API. A missing permission check allows any authenticated user to update a session if they know its ID, enabling session hijacking and potential impersonation of other users and access to sensitive resources. Affected versions include 2.53.0 up t...