Mend Vulnerability Database
Date: May 3, 2022
Overview
Shopizer versions 2.3.0 through 3.0.1 are vulnerable to Insufficient Session Expiration (CWE-613). When a password is changed, whether by the user or by an administrator, a user who is already logged in keeps access to the application with the existing session, even after the change.
Details
Shopizer does not invalidate a customer's active session when the customer's password is reset by an administrator; the session issued under the old password remains valid. This defeats the main purpose of a forced password reset: an attacker who already holds a valid session for the account keeps it after the legitimate user or an administrator changes the password.
PoC Details
1. Open the application and log in as an administrator.
2. In a separate (incognito) browser window, open the application and register a new customer; stay logged in as that customer.
3. In the administrator session, open the admin panel at the "admin/customers/list.html" endpoint and open the details of the customer just created.
4. Choose More options > Set credentials, enter the username and a new password, and submit to save.
5. Return to the incognito window: the customer session is still active and the customer can still perform every action, even though the password has been changed.
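The following is an added example, not Shopizer's code, that models the behaviour described in Details and replays the PoC steps above against two in-memory session stores: one that only updates the credential on reset (the vulnerable pattern) and one that binds every session to a per-user password version and drops sessions that predate the latest change. All names (VulnerableSessionStore, HardenedSessionStore, reset_password, reproduce_poc) and the sample credentials are hypothetical; the "password hash" is a plain string purely for illustration.

```python
"""Insufficient session expiration: vulnerable store beside a hardened one.

Added example; not Shopizer's implementation. Class and function names are
hypothetical, and passwords are stored as plain strings only to keep the
illustration short (a real system hashes them).
"""
import secrets
from dataclasses import dataclass


@dataclass
class User:
    username: str
    password_hash: str          # placeholder for a real hash (illustration only)
    password_version: int = 0   # bumped on every credential change


@dataclass
class Session:
    token: str
    username: str
    password_version: int       # the user's version at the time the session was issued


class VulnerableSessionStore:
    """Resolves a session by token alone; a password reset never touches sessions."""

    def __init__(self):
        self.users = {}      # username -> User
        self.sessions = {}   # token -> Session

    def register(self, username, password):
        self.users[username] = User(username, password)

    def login(self, username, password):
        user = self.users.get(username)
        if user is None or user.password_hash != password:
            return None
        token = secrets.token_hex(16)
        self.sessions[token] = Session(token, username, user.password_version)
        return token

    def reset_password(self, username, new_password):
        # Admin "set credentials": rotates the credential, leaves sessions alone.
        user = self.users[username]
        user.password_hash = new_password
        user.password_version += 1

    def current_user(self, token):
        session = self.sessions.get(token)
        return session.username if session else None


class HardenedSessionStore(VulnerableSessionStore):
    """Same API; a session is only honoured if it was issued under the current password."""

    def reset_password(self, username, new_password):
        super().reset_password(username, new_password)
        # Purge every server-side session for the account...
        self.sessions = {t: s for t, s in self.sessions.items() if s.username != username}

    def current_user(self, token):
        session = self.sessions.get(token)
        if session is None:
            return None
        user = self.users[session.username]
        # ...and, independently, reject any session whose password version is stale,
        # which also covers sessions issued on another node before the purge ran.
        if session.password_version != user.password_version:
            del self.sessions[token]
            return None
        return session.username


def reproduce_poc(store):
    """Replays the advisory's steps: the customer logs in, an admin resets the
    customer's password, and we check whether the old session still works.
    Returns True when the pre-reset session is still accepted (vulnerable)."""
    store.register("customer", "initial-pw")     # constructed sample account
    token = store.login("customer", "initial-pw")
    assert store.current_user(token) == "customer"
    store.reset_password("customer", "new-pw")   # the administrator's action
    return store.current_user(token) is not None


if __name__ == "__main__":
    print("vulnerable store keeps session:", reproduce_poc(VulnerableSessionStore()))
    print("hardened store keeps session:", reproduce_poc(HardenedSessionStore()))
```

Both the purge and the version check are kept on purpose: the purge gives immediate effect in a single-node deployment, while the version comparison is what actually holds in a clustered or cookie-based session setup, where no central list of sessions exists to purge.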
Affected Environments
2.3.0 to 3.0.1
Good to know:
No fix version available
CVSS 3 metrics:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
CVSS 2 metrics:
Access Vector (AV): Network
Access Complexity (AC): Low