CVE-2021-26921

CVE-2021-26921 affects Argo CD before 1.8.4, from the util/session/sessionmanager.go code. The root issue allows tokens to remain valid after the associated user account is disabled, enabling continued token authentication despite deactivation. The impact is described across multiple sources (e.g...