Unrated severityNVD Advisory· Published Jan 18, 2022· Updated Dec 6, 2024
Session is not invalidated on server-side when user logged out of Boards
CVE-2021-37866
Description
Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a session on the server-side when a user logged out of Boards, which allows an attacker to reuse old session token for authorization.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=0.10.0
- Range: unspecified
Patches
Vulnerability mechanics
References
2- mattermost.com/security-updates/mitrex_refsource_MISC
- www.whitesourcesoftware.com/vulnerability-database/CVE-2021-37866mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.