A session management vulnerability exists in gugoan's Economizzer
v.0.9-beta1. The application A session management vulnerability exists in gugoan's Economizzer
v.0.9-beta1. The application fails to properly invalidate user sessions
upon logout or other session termination events. As a result, a valid
session remains active and usable even after the user has attempted to log
out.
POST /web/category/create HTTP/2
Host: <host>
Cookie: _economizzerSessionId=<<REDACTED>>;
Economizzer 0.9-beta1 Session Invalidation
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 103