2019-04-08 20:37:08
mitre
PUBLISHED
applicationadmincontrollerUser.php in ThinkAdmin V4.0 does not prevent continued use of an administrators cookie-based credentials after a password change.