A vulnerability has been identified in QMS Automotive ...
Low severity
Unreviewed
Published
Sep 14, 2023
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Sep 12, 2023
Published to the GitHub Advisory Database
Sep 14, 2023
Last updated
Apr 4, 2024
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application does not invalidate the session token on logout. This could allow an attacker to perform session hijacking attacks.
References