3 matches found
BIT-MASTODON-2025-62174 Mastodon allows continued access after password reset via CLI
Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...
Typo3 Security Misconfiguration in User Session Handling
When users change their password existing sessions for that particular user account are not revoked. A valid backend or frontend user account is required in order to make use of this vulnerability...
GHSA-XMGR-JFF3-FCFV TYPO3 Security Misconfiguration in User Session Handling
When users change their password existing sessions for that particular user account are not revoked. A valid backend or frontend user account is required in order to make use of this vulnerability...