2 matches found
CVE-2025-24896 Misskey allows token to remain valid in cookie after signing out
Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, a login token named token is stored in a cookie for authentication purposes in Bull Dashboard, but this remains undeleted even after logout is performed. The primary...
Moodle 'login/token.php' Vulnerable
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in the Moodle 'login/token.php' script. A remote attacker could exploit this vulnerability by creating ...