[CRITICAL] October CMS Session ID not invalidated after logout

PKSA-gvvr-k6pk-nfpz CVE-2021-3311 GHSA-7ggw-h8pp-r95r

Affected version: >=1.1.0,<1.1.2|<1.0.472

Reported by:
GitHub

[MEDIUM] Reliance on Cookies without validation in OctoberCMS

PKSA-sq51-nv4y-j4xf CVE-2020-15128 GHSA-55mm-5399-7r63

Affected version: >=1.0.319,<1.0.468

Reported by:
GitHub