CVE-2020-23140 Information

Feb 14, 2021 cve

Description

Microweber 1.1.18 is affected by insufficient session expiration. When changing passwords both sessions for when a user changes email and old sessions in any other browser or device the session does not expire and remains active.

Reference

https://gist.github.com/virendratiwari03/bddafb3cd82dde8202bd056d340d3e36

Share on: