Vulnerabilities > CVE-2021-37333 - Insufficient Session Expiration vulnerability in Bookingcore Booking Core 2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Laravel Booking System Booking Core 2.0 is vulnerable to Session Management. A password change at sandbox.bookingcore.org/user/profile/change-password does not invalidate a session that is opened in a different browser.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |