Headline
GHSA-cmxc-9ghj-jp87: Insufficient Session Expiration in snipe/snipe-it
Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10. The session is not invalidated after a password change.
Insufficient Session Expiration in snipe/snipe-it
Moderate severity GitHub Reviewed Published Aug 26, 2022 • Updated Aug 30, 2022
Related news
CVE-2022-2997: Log user out of other devices when they change their password · snipe/snipe-it@6fde72a
Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.