CVE-2024-29401 Information

Description

xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration which allows attackers to use the session of a deleted admin to do anything.

Reference

https://github.com/menghaining/PoC/blob/main/xzs-mysql/xzs-mysql%20–%20PoC.md