Concorde Improper Logout Process Leading to Authentication Token Theft Vulnerability

Vulnerability

A vulnerability exists in Concorde, a fork of the Misskey microblogging platform, prior to version 12.25Q1.1. The issue arises from an improper implementation of the logout process, which allows authentication credentials to remain in cookies even after a user has logged out. This could enable an attacker to steal authentication tokens, particularly if an admin user has used a shared device. Users should regenerate their login tokens if they have logged in on a public device.

Impact

The vulnerability allows for the theft of authentication tokens from cookies, which could be exploited to impersonate a user, especially if that user has admin privileges.

Remediation

Users can clear cookies and site data in their browser after logging out. To regenerate login tokens, go to Settings > Security.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.