VYPR
Critical severity9.8NVD Advisory· Published Feb 10, 2022· Updated Jun 17, 2026

CVE-2021-25992

CVE-2021-25992

Description

In Ifme, versions 1.0.0 to v.7.33.2 don’t properly invalidate a user’s session even after the user initiated logout. It makes it possible for an attacker to reuse the admin cookies either via local/network access or by other hypothetical attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Ifmeorg/ifmellm-create
    Range: 1.0.0 to 7.33.2
  • ifmeorg/ifmev5
    Range: 1.0.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.