Session Management Issue in Administrations Tab #444
You need two browsers for exploitation
i.e., it is not asking for reauthentication after password change.
The other browser doesn't log you out because of password change. Thus an attacker can edit any information.
Refer to OWASP for session management.
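
The behaviour the report asks for, as an added example that is not code from this project: changing the password requires the current password and revokes every session of that user, including the one still open in the second browser. The `SessionStore` class, its method names and the in-memory dictionaries are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class SessionStore:
    """Hypothetical in-memory stand-in for an application's user and session tables."""

    def __init__(self):
        self._users = {}      # username -> (salt, password hash)
        self._sessions = {}   # session token -> username

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, username, password):
        salt = secrets.token_bytes(16)
        self._users[username] = (salt, self._hash(password, salt))

    def _check(self, username, password):
        salt, stored = self._users[username]
        return hmac.compare_digest(stored, self._hash(password, salt))

    def login(self, username, password):
        if username not in self._users or not self._check(username, password):
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = username
        return token

    def whoami(self, token):
        return self._sessions.get(token)

    def change_password(self, token, current_password, new_password):
        username = self._sessions.get(token)
        # Re-authenticate: holding a valid session alone must not be enough.
        if username is None or not self._check(username, current_password):
            return None
        self.add_user(username, new_password)
        # Revoke every session of this user, including the other browser's.
        for t in [t for t, u in self._sessions.items() if u == username]:
            del self._sessions[t]
        # Issue a fresh token to the browser that made the change.
        return self.login(username, new_password)
```
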