Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Session not expiring on logout #379
When the user hits "logout" the session is only cleared on the browser. It is not being cleared on the server. So anyone with the old session information can make valid requests to user pages.
This vulnerability has been reported through the Bug bounty program