CVE-2020-18701

Name of the Vulnerable Software and Affected Versions: Lin-CMS-Flask version 0.1.1

Description: The issue allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets. This is a result of incorrect access control in the application.

Recommendations: For Lin-CMS-Flask version 0.1.1, consider implementing a mechanism to invalidate user authentication tokens upon logout to prevent replaying packets. As a temporary workaround, consider restricting access to sensitive information and privileges until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.