Insufficient Session Expiration
Old session tokens can be used to authenticate to the application and send authenticated requests.
Old session tokens can be used to authenticate to the application and send authenticated requests.
Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks.