As on Windows servers no cleanup is done on CSRF tokens, they can be reused by a malicious user.
Fixed in 2.7.4 and 3.0.0
Combodo ref N°3728
Internal.
If you have any questions or comments about this advisory: Email us at itop-security@combodo.com
Impact
As on Windows servers no cleanup is done on CSRF tokens, they can be reused by a malicious user.
Patches
Fixed in 2.7.4 and 3.0.0
References
Combodo ref N°3728
Credits
Internal.
For more information
If you have any questions or comments about this advisory:
Email us at itop-security@combodo.com