CVE-2018-20238

Published: 2019-02-13T18:29Z

Last Modified: 2024-11-21T04:01Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt