Old session tokens can be used to authenticate to the application and send authenticated requests.
7.5CVSS
7.3AI Score
0.001EPSS
Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks.
9.8CVSS
9.4AI Score
0.002EPSS