EPSS
Percentile
59.5%
camaleon_cms is vulnerable to session fixation. Even after the password is changed, the library does not terminate the user’s active session, allowing a malicious user to gain unauthorized access to the application.
github.com/owen2345/camaleon-cms/commit/77e31bc6cdde7c951fba104aebcd5ebb3f02b030
github.com/owen2345/camaleon-cms/pull/1006
www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25970