CVE-2021-3311
packagist/october/october
Insufficient Session Expiration
An issue was discovered in October through build It reactivates an old session ID (which had been invalid after a logout) once a new login occurs.
All versions up to 1.0.471
Upgrade to version 1.1.0 or above.
2021-02-10
source |