Roller

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-24859 LOW Monitor

A session management vulnerability exists in Apache Roller before version 6.1.5 where active user sessions are not properly invalidated after password changes. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Apache Authentication Bypass Roller

NVD

CVSS 4.0

2.1

EPSS

0.1%

CVE-2025-24859

EPSS 0% CVSS 2.1

LOW Monitor

A session management vulnerability exists in Apache Roller before version 6.1.5 where active user sessions are not properly invalidated after password changes. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Apache Authentication Bypass Roller

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy