THREAT - Logout will not clear all the sessions in the browser #252

Open
chenchanglew opened this issue Dec 21, 2022 · 0 comments
chenchanglew commented Dec 21, 2022

Scenario

When a user logs out but does not close the browser (closing a single tab will not solve this issue), a malicious user can just log in without needing to input credentials.
The adversary can change the user's previous vote or cast another ballot under the user's name.
The worst thing that can happen is if the previous login account is an admin account: the malicious user can assign themselves as admin and then get admin abilities.

Source

It is easy to reproduce this error by logging in immediately after logout. Since the browser keeps the Tequila cookie, the next user can log in without inputting their credentials.

Breaking Property

Authentication, Availability, Authorization

Risk

CVSS Score: 6.4/10

Mitigation

There is no solution yet, because all systems that use Tequila have the same problem.
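The flaw described in this issue, modelled as an added example (not the project's code and not from the issue author): an application logout that only drops its own session leaves the SSO session alive, so a browser that still holds the SSO cookie gets a fresh application session with no password prompt. The user table, cookie names, session stores and the SSO logout URL are constructed assumptions, not Tequila's real interface.

```python
import secrets

# Constructed sample data and placeholders (not Tequila's real endpoint or cookie name).
USERS = {"alice": "correct-horse"}             # user -> password
SSO_LOGOUT_URL = "https://sso.example/logout"  # placeholder for the SSO logout endpoint
SSO_SESSIONS = {}   # identity-provider side: SSO cookie value -> user
APP_SESSIONS = {}   # application side: app session id -> user

def login_with_credentials(user, password):
    """Full login: the SSO checks the password and sets its cookie; the app gets a session."""
    if USERS.get(user) != password:
        return None
    sso = secrets.token_urlsafe(32)
    SSO_SESSIONS[sso] = user
    sid = secrets.token_urlsafe(32)
    APP_SESSIONS[sid] = user
    return {"session": sid, "sso": sso}  # cookies the browser now holds

def login_via_sso_cookie(cookies):
    """SSO convenience path: a browser with a live SSO cookie gets a new app session
    with no password prompt. This is the path the issue above describes."""
    user = SSO_SESSIONS.get(cookies.get("sso", ""))
    if user is None:
        return None
    sid = secrets.token_urlsafe(32)
    APP_SESSIONS[sid] = user
    return {**cookies, "session": sid}

def logout_weak(cookies):
    """Flawed logout: drops the app session but leaves the SSO session and cookie alive."""
    APP_SESSIONS.pop(cookies.get("session", ""), None)
    remaining = {k: v for k, v in cookies.items() if k != "session"}
    return {"cookies": remaining, "redirect": "/"}

def logout_hardened(cookies):
    """Hardened logout: invalidate the app session, expire the app's own cookie, then
    send the browser to the SSO logout so the SSO session itself is ended. The app
    cannot expire a cookie scoped to the SSO's domain; only the SSO can do that."""
    APP_SESSIONS.pop(cookies.get("session", ""), None)
    remaining = {k: v for k, v in cookies.items() if k != "session"}
    return {"cookies": remaining,
            "set_cookie": "session=; Max-Age=0; Secure; HttpOnly",
            "redirect": SSO_LOGOUT_URL}

def sso_logout(cookies):
    """Models the SSO logout endpoint the hardened handler redirects to."""
    SSO_SESSIONS.pop(cookies.get("sso", ""), None)
    return {k: v for k, v in cookies.items() if k != "sso"}
```

After `logout_weak`, `login_via_sso_cookie` still succeeds for whoever sits at the same browser next; after `logout_hardened` followed by the SSO logout redirect, it fails even if a stale SSO cookie is still sent.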
