Vulnerability Details CVE-2022-25590
SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing attackers to login to the system and access data using the browser cache when the user exits the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2022-25590
-
cpe:2.3:a:surveyking:surveyking:0.2.0