CVE-2022-23063

Insufficient Session Expiration in maven/com.shopizer/shopizer

Identifiers

CVE-2022-23063

Package Slug

maven/com.shopizer/shopizer

Vulnerability

Insufficient Session Expiration

Description

In Shopizer versions 2.3.0 to 3.0.1 is vulnerable to Insufficient Session Expiration. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed.

Affected Versions

All versions starting from 2.3.0 up to 3.0.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-05-10

source