Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1xcThtLTlycHgtdzJmbc4AA1EV

Moderate EPSS: 0.00308% (0.53494 Percentile) EPSS:
Permalink JSON

Admidio Insufficient Session Expiration vulnerability

Affected Packages Affected Versions Fixed Versions
packagist:admidio/admidio < 4.2.11 4.2.11
1 Dependent packages
1 Dependent repositories
23 Downloads total

Affected Version Ranges

All affected versions

4.1.0, 4.1.3, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.10

All unaffected versions

4.2.11, 4.2.12, 4.2.13, 4.2.14, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 4.3.8, 4.3.9, 4.3.10, 4.3.11, 4.3.12, 4.3.13, 4.3.14, 4.3.15

Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.2.11. This vulnerability allows a user's session to remain valid even after the user has logged out, potentially granting unauthorized access to sensitive areas and functionalities.

References:

Identifiers

GHSA-qq8m-9rpx-w2fm

CVE-2023-4190

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00308

EPSS Percentile: 0.53494

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/admidio/admidio

Date and time

Published

almost 2 years ago

Updated

over 1 year ago

API

JSON