Critical severity9.8NVD Advisory· Published Jan 3, 2022· Updated Jun 17, 2026
CVE-2021-25981
CVE-2021-25981
Description
In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin’s still-valid session token even when logged-out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
3- github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34nvdPatchThird Party Advisory
- github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761nvdPatchThird Party Advisory
- www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981nvdPatchThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.