2 matches found
CVE-2025-55264 HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password change leading to account takeover...
CVE-2021-37333
Laravel Booking System Booking Core 2.0 is vulnerable to Session Management. A password change at sandbox.bookingcore.org/user/profile/change-password does not invalidate a session that is opened in a different browser...