Being able to change account contents even after password change
Medium
K
Kartpay
Submitted None
Team Summary
Official summary from Kartpay
Improper Handling of Sessions leads to this vulnerability where users can try to login with 2 different sessions in 2 different browsers. changing any data doesn't reflect all the logged-in sessions.
Actions:
Reported by
bubbletroublesnuggle
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Insufficient Session Expiration