Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • bobby kc 4 posts 24 karma points
    Dec 10, 2015 @ 15:55
    bobby kc
    0

    Umbraco Ver 7x backoffice security issue

    We have our client reported a security issue in backoffice.

    Reproduce: 1. Login to back office and copy session cookie value UMBUCONTEXT 2. Logout using logout button 3. Using any browser cookie editor create session cookie UMBUCONTEXT with the value copied ealier. 4 Now go to any page in back office and user will be able to access without login.

    This is a big security issue, is there any fix/hack for this issue?

  • bobby kc 4 posts 24 karma points
    Dec 14, 2015 @ 14:48
    bobby kc
    0

    Anybody there to help, how i can clear UMB_UCONTEXT server session on logout

Please Sign in or register to post replies

Write your reply to:

Draft