Download
| Alert*
|
oval:org.secpod.oval:def:603923
It was discovered that the Lemonldap::NG web SSO system performed insuffient validation of session tokens if the tokenUseGlobalStorage option is enabled, which could grant users with access to the main session database access to an anonymous session. oval:org.secpod.oval:def:55034 It was discovered that the Lemonldap::NG web SSO system performed insuffient validation of session tokens if the "tokenUseGlobalStorage" option is enabled, which could grant users with access to the main session database access to an anonymous session. |
