PYSEC-2021-341

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/lin-cms/PYSEC-2021-341.yaml
JSON Data
https://api.test.osv.dev/v1/vulns/PYSEC-2021-341
Aliases
  • CVE-2020-18701
Published
2021-08-16T18:15:00Z
Modified
2023-11-01T04:52:12.099260Z
Summary
[none]
Details

Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets.

References

Affected packages

PyPI / lin-cms

Package

Name
lin-cms
View open source insights on deps.dev
Purl
pkg:pypi/lin-cms

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.1.1a1
0.1.1a2
0.1.1a3
0.1.1a4
0.1.1a5
0.1.1a6
0.1.1a7
0.1.1a8
0.1.1b1
0.1.1b2
0.1.1b3
0.1.1b4
0.2.0b1
0.2.0b2
0.2.0b3
0.3.0a2
0.3.0a3
0.3.0a4
0.3.0a5
0.3.0a6
0.3.0a7
0.3.0a8
0.3.0a9
0.3.0a10
0.3.1
0.4.0
0.4.2
0.4.3
0.4.4
0.4.5
0.4.6
0.4.7
0.4.8
0.4.9
0.4.10