CVE-2009-20001 – An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string wi …

7 March 2021

Vuln ID: CVE-2009-20001

Published: 2021-03-07 20:15:12Z

Description: An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and active), allowing an attacker who somehow gained access to a user’s cookie to login as them.

Source: NVD.NIST.GOV

Date:

7 March 2021

Categorie(s):

NVD

Tag(s):

NVD

Flaws in Chinese keyboard apps leave 750 million users open to snooping, researchers claim26 April 2024
Most people still rely on memory or pen and paper for password management26 April 2024
LSA Whisperer: Open-source tools for interacting with authentication packages26 April 2024
What AI can tell organizations about their M&A risk26 April 2024
Breaking down the numbers: Cybersecurity funding activity recap26 April 2024