Fluid Attacks News logo

News

Subscribe to Updates

Labels

  • All Posts
  • Fix
  • Announcement
  • Improvement
  • new

Jump to Month

  • August 2025
  • July 2025
  • June 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • July 2019
Fix
4 years ago

About Login Issues 2021-01-28


What happened

  • Due to a session management change (https://gitlab.com/fluidattacks/product/-/commit/1f67cd266283a8846ab8fc84ed761a3b89d2ff33) user cookies were deleted for current session.

  • If a user sign-in with an existent session all cookies are deleted and an unauthorized error is propagated through all user sessions. The bug was injected on 2021/01/27 14:31 (EST).

What we’ve done

  • Now the cookies are not deleted, only a notification about concurrent sessions. (https://gitlab.com/fluidattacks/product/-/commit/b8600cc80d0b4fd5142a02c7f0d71b564f68bb25)

What the impact was

  • Users who tried to log in with existent sessions get unauthorized error.

What we are doing to help

  • Check all user sessions to confirm if any user is affected. 
Avatar of authorJuan