Session Fixation Apache DolphinScheduler before version 3.2.0, which session is still valid after the password change.
Users are recommended to upgrade to version 3.2.1, which fixes this issue.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-384 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2024-02-20T10:01:32.260Z
Updated: 2024-08-29T15:08:36.166Z
Reserved: 2023-12-06T02:25:09.094Z
Link: CVE-2023-50270
Vulnrichment
Updated: 2024-08-02T22:16:46.169Z
NVD
Status : Awaiting Analysis
Published: 2024-02-20T10:15:08.140
Modified: 2024-11-21T08:36:47.543
Link: CVE-2023-50270
Redhat
No data.