VYPR
High severity8.1NVD Advisory· Published May 7, 2020· Updated Jun 17, 2026

CVE-2020-5894

CVE-2020-5894

Description

On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out.

Affected products

2
  • NGINX/NGINX Controllerdescription
  • Nginx/Controllerllm-fuzzy
    Range: 3.0.0-3.3.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.