IBM Curam Social Program Management 8.0.0 and 8.0.1 does...
Critical severity
Unreviewed
Published
Jun 21, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Jun 20, 2022
Published to the GitHub Advisory Database
Jun 21, 2022
Last updated
Jan 27, 2023
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.
References