Vulnerabilities
Vulnerable Software
Octobercms:  >> October  >> 1.0.471  Security Vulnerabilities
An issue was discovered in October through build 471. It reactivates an old session ID (which had been invalid after a logout) once a new login occurs. NOTE: this violates the intended Auth/Manager.php authentication behavior but, admittedly, is only relevant if an old session ID is known to an attacker.
CVSS Score
9.8
EPSS Score
0.015
Published
2021-02-05


Contact Us

Shodan ® - All rights reserved