A Session ID leak in the DEBUG log file in Graylog before...
Critical severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
Jul 31, 2021
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Jan 30, 2023
A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
References