Site icon API Security Blog

CVE-2024-52311 data.all does not invalidate authentication token upon user logout

image
Authentication tokens issued via Cognito in data.all are not invalidated on log out, allowing for previously authenticated user to continue execution of authorized API Requests until token is…Read More

Exit mobile version