
CVE-2022-23063
Date: May 3, 2022
Overview
Shopizer versions 2.3.0 to 3.0.1 are vulnerable to Insufficient Session Expiration (CWE-613). When a user's password is changed, whether by the user or by an administrator, any session that was already logged in stays valid and keeps full access to the application after the change.
Details
Shopizer does not invalidate a customer's active sessions when that customer's password is reset by an administrator. The practical consequence is that a password reset, normally the first containment step after a suspected account compromise, does not lock out whoever holds an existing session cookie; that party retains access until the session times out or is explicitly logged out.
PoC Details
1. Open the application and log in as an administrator.
2. In an incognito window (separate cookie jar), open the application and register a new customer account, so that a logged-in customer session exists in that window.
3. Back in the administrator session, open the admin panel and browse to the "admin/customers/list.html" endpoint.
4. Open the details of the newly created customer, then navigate to More options > set credentials.
5. Enter the username and a new password, and submit to save.
6. Return to the incognito window: the customer session is still active and the customer can still perform every action, even though the password has just been changed.
Affected Environments
Shopizer 2.3.0 to 3.0.1
Prevention
NO FIX was available at the time of publication. The expected remediation is for the application to invalidate every existing session of a user whenever that user's password is changed, by the user or by an administrator. Until a fix is available, operators should not treat a password reset alone as sufficient to evict an attacker who already holds a session for the account.
Language: Java
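The following is an added illustration, not code from Shopizer or from the original advisory. It models a minimal in-memory session store in Python: with `hardened=False` it reproduces the behaviour described above (a password change leaves existing sessions untouched), and with `hardened=True` it shows the standard remediation for CWE-613, revoking the user's sessions server-side on password change and additionally stamping each session with the password "generation" it was issued under so that a stale session is rejected even if it survived in a cache. The user names, passwords and the `admin_reset_poc` / `self_change_keeps_own_session` functions are constructed for the example; they replay the PoC steps, they are not Shopizer endpoints.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class User:
    username: str
    password: str           # plaintext only to keep the example short; hash in real code
    pw_generation: int = 0  # incremented on every password change


@dataclass
class Session:
    user: str
    pw_generation: int      # password generation this session was issued under


class SessionStore:
    """In-memory session store. hardened=False reproduces the CVE-2022-23063
    behaviour; hardened=True revokes and re-validates sessions on password change."""

    def __init__(self, hardened: bool):
        self.hardened = hardened
        self.users: Dict[str, User] = {}
        self.sessions: Dict[str, Session] = {}

    def register(self, username: str, password: str) -> None:
        self.users[username] = User(username, password)

    def login(self, username: str, password: str) -> Optional[str]:
        user = self.users.get(username)
        if user is None or user.password != password:
            return None
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = Session(username, user.pw_generation)
        return sid

    def current_user(self, sid: Optional[str]) -> Optional[str]:
        """Resolve a session id (the cookie value) to a username, or None."""
        session = self.sessions.get(sid)
        if session is None:
            return None
        if self.hardened and session.pw_generation != self.users[session.user].pw_generation:
            # Stale session: the password changed after it was issued. This check also
            # catches sessions that a distributed session cache failed to purge.
            del self.sessions[sid]
            return None
        return session.user

    def set_password(self, username: str, new_password: str,
                     keep_sid: Optional[str] = None) -> None:
        """Change a password. In hardened mode every session of that user is revoked,
        except keep_sid (the session that performed a self-service change)."""
        user = self.users[username]
        user.password = new_password
        if not self.hardened:
            return  # vulnerable behaviour: existing sessions are left untouched
        user.pw_generation += 1
        stale = [s for s, sess in self.sessions.items() if sess.user == username and s != keep_sid]
        for sid in stale:
            del self.sessions[sid]
        keep = self.sessions.get(keep_sid)
        if keep is not None and keep.user == username:
            keep.pw_generation = user.pw_generation  # re-stamp the surviving session


def admin_reset_poc(hardened: bool) -> bool:
    """Replay the advisory's steps. Returns True if the customer's pre-existing
    session still works after the administrator reset the credentials."""
    store = SessionStore(hardened)
    store.register("admin", "admin-secret")            # constructed test accounts
    admin_sid = store.login("admin", "admin-secret")
    store.register("alice", "initial-pw")              # customer registers in the incognito window
    customer_sid = store.login("alice", "initial-pw")
    store.set_password("alice", "reset-by-admin")      # admin: More options > set credentials
    assert store.current_user(admin_sid) == "admin"    # the admin's own session is unaffected
    assert store.login("alice", "initial-pw") is None  # the old password no longer works
    return store.current_user(customer_sid) == "alice"


def self_change_keeps_own_session(hardened: bool) -> Tuple[bool, bool]:
    """A user changing their own password keeps the session that made the change but,
    when hardened, loses any other session (e.g. one left open on a shared machine).
    Returns (own_session_alive, other_session_alive)."""
    store = SessionStore(hardened)
    store.register("bob", "pw1")
    laptop = store.login("bob", "pw1")
    shared_pc = store.login("bob", "pw1")
    store.set_password("bob", "pw2", keep_sid=laptop)
    return (store.current_user(laptop) == "bob", store.current_user(shared_pc) == "bob")


if __name__ == "__main__":
    print("vulnerable: customer session survives admin reset =", admin_reset_poc(hardened=False))
    print("hardened:   customer session survives admin reset =", admin_reset_poc(hardened=True))
    print("hardened self-change (own, other) =", self_change_keeps_own_session(hardened=True))
```

The generation stamp and the explicit revocation are deliberately both present: revocation evicts sessions immediately, while the stamp is the defence in depth for deployments where sessions live in a store that the password-change code path cannot reliably enumerate.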
Good to know:

CVSS v3 (vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H; base score computed from the listed metrics)

| Metric | Value |
|---|---|
| Base Score | 8.8 (High) |
| Attack Vector (AV) | Network |
| Attack Complexity (AC) | Low |
| Privileges Required (PR) | Low |
| User Interaction (UI) | None |
| Scope (S) | Unchanged |
| Confidentiality (C) | High |
| Integrity (I) | High |
| Availability (A) | High |

CVSS v2 (vector AV:N/AC:L/Au:S/C:P/I:P/A:P; base score computed from the listed metrics)

| Metric | Value |
|---|---|
| Base Score | 6.5 (Medium) |
| Access Vector (AV) | Network |
| Access Complexity (AC) | Low |
| Authentication (Au) | Single |
| Confidentiality (C) | Partial |
| Integrity (I) | Partial |
| Availability (A) | Partial |