Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pkp_web_application_library | Pkp | * | 3.3.0-16 (excluding) |