CVE-2025-36359
CVE-2025-36359 affects IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2. The root cause is that session IDs are not invalidated after expiration, enabling an authenticated user to impersonate another user on the system. The IBM security bulletin confirms a CVSS v3.1 base score of 8.1 (HIGH) ...