CVE-2024-35049
9.1CRITICALSurveyKing v1.3.1 was discovered to keep users' sessions active after logout. Related to an incomplete fix for CVE-2022-25590.
Publicado: 5/14/2024Actualizado: 4/23/2025
Descripción
SurveyKing v1.3.1 was discovered to keep users' sessions active after logout. Related to an incomplete fix for CVE-2022-25590.
Análisis IAImpulsado por IA
Productos Afectados
surveykingsurveyking
1.3.1
Referencias
- https://github.com/javahuang/SurveyKing/issues/55ExploitIssue TrackingThird Party Advisory
- https://github.com/javahuang/SurveyKing/issues/55ExploitIssue TrackingThird Party Advisory