Bug Report: Insecure Permissions of Reusable cookie #717
Steps to reproduce:
Accessible: [×]
You can see that redirection
This cookie can be reused
Accessible: [√]
discovered by: topsec(lizhiqiang)
It depends on what "3. Login out" means. If it's clicking the logout link in piwigo, we definitely have a bug. (or misconfiguration of the server domain and/or path for setting the cookie versus deleting it).
I also tested, like @modus75 did and I also see the session being removed.
So I wonder what @Akityo has been able to do with a "deleted session id" :-/ There is no magic here: if the session is deleted on Piwigo side, you won't magically get administrator access by stealing the session id of an administrator that has logged out.
@Akityo can you give more details, by email, not on GitHub, about the security issue you have found?
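The point made in the last two comments (a session id is only dangerous after logout if the server keeps the session alive) can be shown with a small model. The following is an added example and is not Piwigo's code; `SessionStore`, its method names and the `session_id` cookie name are assumptions, and the "copied cookie" is a constructed value. It contrasts a logout that only expires the browser cookie with one that destroys the server-side record, and records any later presentation of a destroyed id so a defender can alert on it.

```python
"""Added example, not Piwigo's code: why logout must destroy the session on the
server, and how a replayed session id is then refused and can be logged.
SessionStore, its methods and the 'session_id' cookie name are assumptions."""
import secrets
import time


class SessionStore:
    """In-memory session table keyed by the random id carried in the cookie."""

    def __init__(self, ttl_seconds=3600):
        self._sessions = {}      # session id -> record
        self._revoked = set()    # ids destroyed by logout, kept for detection
        self.replay_events = []  # audit trail: revoked ids presented again
        self.ttl = ttl_seconds

    def login(self, username, is_admin=False, now=None):
        now = time.time() if now is None else now
        sid = secrets.token_urlsafe(32)   # 256-bit random id, not guessable
        self._sessions[sid] = {"user": username, "admin": is_admin,
                               "expires": now + self.ttl}
        return sid

    def resolve(self, sid, now=None):
        """Look up the session behind a presented cookie; None means not logged in."""
        now = time.time() if now is None else now
        if sid in self._revoked:
            # An id that was logged out came back: the browser that logged out
            # no longer has this cookie, so this is worth an alert.
            self.replay_events.append(sid)
            return None
        rec = self._sessions.get(sid)
        if rec is None or rec["expires"] <= now:
            self._sessions.pop(sid, None)   # drop expired records lazily
            return None
        return rec

    def logout_server_side(self, sid):
        """Correct logout: destroy the server-side record, then expire the cookie."""
        if self._sessions.pop(sid, None) is not None:
            self._revoked.add(sid)
        return "session_id=; Max-Age=0; Path=/; HttpOnly; Secure"

    def logout_cookie_only(self, sid):
        """The failure mode discussed in the thread: only the browser forgets the id.
        The server record lives on until it expires, so anyone holding a copy of
        the id is still logged in."""
        return "session_id=; Max-Age=0; Path=/; HttpOnly; Secure"


def admin_access_after_logout(server_side_logout):
    """Return True if a copy of an admin's session id still grants admin after logout."""
    store = SessionStore()
    sid = store.login("admin", is_admin=True, now=1000.0)
    copied = sid  # constructed: the cookie value as captured before logout
    if server_side_logout:
        store.logout_server_side(sid)
    else:
        store.logout_cookie_only(sid)
    rec = store.resolve(copied, now=1001.0)
    return rec is not None and rec["admin"]


if __name__ == "__main__":
    print("cookie-only logout, id still valid:", admin_access_after_logout(False))  # True
    print("server-side logout, id still valid:", admin_access_after_logout(True))   # False
```

The `_revoked` set is what turns the maintainers' "no magic here" argument into a detection: once logout removes the record, a revoked id showing up again is a signal rather than a login, and `replay_events` is the list a real deployment would forward to its logs.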