CVE-2025-53642
Published
CVSS v3
4.8
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a refresh token when logging out. This vulnerability is fixed in 11.0.6.
Issue queue for hax, haxcms, elmsln, lrnwebcomponents, wcfactory, websites and more.
GitHub