-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI
GoGo| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| github.com/greenpau/caddy-security | go | <= 1.1.23 |
Miggo AIRoot Cause AnalysisThe core vulnerability stems from improper session invalidation in logout handlers. While exact function names aren't specified in available documentation, the described vulnerable endpoints (/logout and /oauth2/google/logout) imply their corresponding handler functions are deficient in: 1) Server-side session storage cleanup, 2) Client-side cookie expiration, and 3) OAuth token revocation. These handlers would typically be located in authentication-related files based on Go web application conventions. The high confidence comes from the direct correlation between the described vulnerability symptoms and the expected responsibilities of logout handler functions in session management workflows.
KEV Misses 88% of Exploited CVEs- Get the report