{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7505?format=json","vulnerability_id":"VCID-vfu2-cejq-27cg","summary":"Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets.","aliases":[{"alias":"CVE-2020-18701"},{"alias":"PYSEC-2021-341"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18701","reference_id":"","reference_type":"","scores":[{"value":"0.01243","scoring_system":"epss","scoring_elements":"0.79586","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18701"},{"reference_url":"https://github.com/TaleLin/lin-cms-flask/issues/30","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/TaleLin/lin-cms-flask/issues/30"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vfu2-cejq-27cg"}