CVE-2022-25590

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-25590

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25590.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-25590

Published

2022-03-25T19:15:10Z

Modified

2025-01-08T08:52:59.301653Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing attackers to login to the system and access data using the browser cache when the user exits the application.

References

Affected packages

Git / github.com/javahuang/surveyking

Affected ranges

Type: GIT
Repo: https://github.com/javahuang/surveyking
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0d091d2be595c90b1595d6f80b508c573e3acec5

Affected versions

v0.*

v0.1.0

v0.2.0