CVE-2022-0991 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-0991

CWE

https://cwe.mitre.org/data/definitions/613.html

Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9.

Weakness

According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”

Affected Software

Name	Vendor	Start Version	End Version
Admidio	Admidio	*	4.1.9 (excluding)

Potential Mitigations

References

https://github.com/admidio/admidio/commit/e84e472ebe517e2ff5795c46dc10b5f49dc4d46a
https://huntr.dev/bounties/1c406a4e-15d0-4920-8495-731c48473ba4