CVE-2024-2260 – A session fixation vulnerability exists in the zenml-io/zenml application, where JWT …

16 April 2024

Vuln ID: CVE-2024-2260

Published: 2024-04-16 00:15:11.237

Description: A session fixation vulnerability exists in the zenml-io/zenml application, where JWT tokens used for user authentication are not invalidated upon logout. This flaw allows an attacker to bypass authentication mechanisms by reusing a victim’s JWT token.

Base Score: –

Vector:

Source: NVD.NIST.GOV

Date:

16 April 2024

Categorie(s):

NVD

Tag(s):

NVD

Account compromise of “unprecedented scale” uses everyday home devices29 April 2024
Connected devices with awful default passwords now illegal in UK29 April 2024
Chrome users report broken connections after Chrome 124 release29 April 2024
Impact of cybersecurity organizational structure on ransomware outcomes: The most successful models29 April 2024
London Drugs closes all of its pharmacies following ‘cybersecurity incident’29 April 2024