No session logout after changing password & alsoandroid sessions not shown in sessions list so they can be deleted
Unknown
Vulnerability Details
There is no session logout after changing password and also if admin needs to disconnect some session of android no android sessions are shown in list
If attacker has password and logins somehow using android app he may not be logged out as there are no session logout after changing password and also no android sessions are shown in web client
Actions
View on HackerOneReport Stats
- Report ID: 194329
- State: Closed
- Substate: resolved
- Upvotes: 35