Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/08 1:44 a.m.6 views

CVE-2026-30224

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, OliveTin does not revoke server-side sessions when a user logs out. Although the browser cookie is cleared, the corresponding session remains valid in server storage until expiry default ≈ 1 year...

5.4CVSS5.8AI score0.00302EPSS
Exploits1References1
NVD
NVD
added 2026/03/06 9:16 p.m.6 views

CVE-2026-30224

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, OliveTin does not revoke server-side sessions when a user logs out. Although the browser cookie is cleared, the corresponding session remains valid in server storage until expiry default ≈ 1 year...

5.4CVSS0.00302EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/06 9:1 p.m.4 views

CVE-2026-30224 OliveTin: Session Fixation - Logout Fails to Invalidate Server-Side Session

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, OliveTin does not revoke server-side sessions when a user logs out. Although the browser cookie is cleared, the corresponding session remains valid in server storage until expiry default ≈ 1 year...

5.4CVSS5.7AI score0.00302EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.10 views

PT-2026-23614

Name of the Vulnerable Software and Affected Versions OliveTin versions prior to 3000.11.1 Description OliveTin does not properly invalidate server-side sessions upon user logout. Although the browser cookie is cleared during logout, the corresponding session remains valid in server storage until...

9.9CVSS5.8AI score0.22162EPSS
Exploits70References138
Rows per page
Query Builder