Podatność CVE-2022-2306
Publikacja: 2022-07-05

Opis:
Old session tokens can be used to authenticate to the application and send authenticated requests.

Typ:

CWE-613

 (Insufficient Session Expiration)

 Referencje:
https://github.com/heroiclabs/nakama/commit/ce8d3921e2acd44ef8b5e6edfe595b6df067b166
https://huntr.dev/bounties/35acf263-6db4-4310-ab27-4c3c3a53f796
Copyright 2024, cxsecurity.com

 

Back to Top