You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Vulnerability Description :- The Ponzu CMS is vulnerable to TOCTTOU attack. When an admin user deletes another admin user in the web application who is logged in at another system’s browser. After deleting, deleted admin user’s session will be active and he can perform any action in the web application, although his account is deleted.
Step To Reproduce :-
Create an admin user.
Log in at another system’s browser.
Delete that user.
User session will be active.
The text was updated successfully, but these errors were encountered:
Vulnerability Description :- The Ponzu CMS is vulnerable to TOCTTOU attack. When an admin user deletes another admin user in the web application who is logged in at another system’s browser. After deleting, deleted admin user’s session will be active and he can perform any action in the web application, although his account is deleted.
Step To Reproduce :-
The text was updated successfully, but these errors were encountered: