2 matches found
CVE-2007-6763
SAS Drug Development SDD before 32DRG02 mishandles logout actions, which allows a user who was previously logged in to access resources by pressing a back or forward button in a web browser...
CVE-2016-0339
IBM Security Identity Manager ISIM Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session identifiers after logout, which makes it easier for remote attackers to spoof users by leveraging knowledge of "traffic records."...