7.1 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.0%
Dev blog v1.0 allows to exploit an account takeover through the βuserβ cookie. With this, an attacker can access any userβs session just by knowing their username.
fluidattacks.com/advisories/almighty/
github.com/Armanidrisi/devblog/