Lucene search
Veracode Vulnerability DatabaseVERACODE:13695HistoryApr 25, 2019 - 8:41 a.m.
Insecure Session Management
2019-04-2508:41:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.001 Low
EPSS
Percentile
30.9%
flarum/core contains an insecure session management. A lack of expiry and invalidation in the user email tokens allows a remote attacker to reuse the email tokens belonging to users to gain access to the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| flarum/core | le | 0.1.0-beta.7.2 |
Related
cve
cve
CVE-2019-11514
2019-04-25 03:29:00
prion
prion
Command injection
2019-04-25 03:29:00
cvelist
cvelist
CVE-2019-11514
2019-04-25 02:59:15
github
github
Flarum mishandles invalidation of user email tokens
2022-05-24 16:44:35
osv
osv
CVE-2019-11514
2019-04-25 03:29:00
Flarum mishandles invalidation of user email tokens
2022-05-24 16:44:35
nvd
nvd
CVE-2019-11514
2019-04-25 03:29:00