Howard Johnson

**Name of the Vulnerable Software and Affected Versions** ipsilon versions 1.0 through 1.0.2 ipsilon versions 1.1 through 1.1.1 ipsilon versions 1.2 through 1.2.0 ipsilon versions 2.0 through 2.0.1 **Description** A issue was found that allows an attacker to log out active sessions of other users. This is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active sessions from other users. It is also referred to as a "SAML2 multi-session" issue. **Recommendations** For ipsilon versions 1.0 through 1.0.2, update to version 1.0.3 or later. For ipsilon versions 1.1 through 1.1.1, update to version 1.1.2 or later. For ipsilon versions 1.2 through 1.2.0, update to version 1.2.1 or later. For ipsilon versions 2.0 through 2.0.1, update to version 2.0.2 or later.