The user_logout function in TikiWiki CMS/Groupware 4.x prior to 4.2 does not properly delete user login cookies, which allows remote malicious users to gain access via cookie reuse.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tiki tikiwiki cms\\/groupware 4.0 |
||
tiki tikiwiki cms\\/groupware 4.1 |