CVE-2022-2306

Summary

Old session tokens can be used to authenticate to the application and send authenticated requests.

Affected Software

VendorProductVersion RangeStatus
heroiclabsheroiclabs/nakamaunspecified < 3.13.0affected

Weaknesses

  • CWE-613: CWE-613 Insufficient Session Expiration

ADP Enrichment

CVE Program Container

Additional References

References