-
Bug
-
Resolution: Fixed
-
Low
-
8.22.6
-
8.22
-
4
-
Severity 3 - Minor
-
-
When a user changes their username via the UI the session cookie is not invalidated. For security purposes, all sessions should be invalidated and require the user to sign back in with the new password.
- is cloned from
-
CONFSERVER-75184 Confluence does not invalidate session after a password change
- Gathering Interest
- is incorporated by
-
JRASERVER-74939 Session invalidation should be propagated to other nodes in the cluster
- Closed
- relates to
-
VULN-790549 Loading...
-
VULN-872373 Loading...
-
RAID-3460 Loading...
(3 relates to)