octoprint is vulnerable to insecure insufficient session expiration. The vulnerability exists because the session expiration is not properly handled in find_user
function in users.py
which allows an attacker to use old session credentials or session IDs for authorization.