Hi there
So I have an open bug bounty program, and a member has noticed that with my application you can:
- Log into the application
- Using the Chrome Cookie addon, copy the cookies
- Clear the cookies
- Log out of the application
- Now paste the cookies copied using the addon again
- Navigate to the Manage/Account part
...and voilà, you are back in the application!?
I'm not a security expert, but surely once logout is called we shouldn't be able to do this. This application was created using the standard project you get from Microsoft, with the built-in features like "Account", "Manage", etc.
I now have an expiry on the cookie set to 5 mins, so this helps, but it still seems like you shouldn't be able to do this unless I've misunderstood.
The logout function is fairly simple:
    [Authorize]
    public ActionResult LogOut()
    {
        // Removes the application cookie from the current browser only
        AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
        return RedirectToAction("Index", "Home");
    }
Other details:
- C# MVC
- Visual Studio 2019
- .NET 4.7.2
Is anyone able to explain whether this is a bug or my lack of understanding? Thanks in advance.
What I have tried:
Thus far I haven't really tried much apart from searching the net, and haven't found a decent solution yet.
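The behaviour in the post follows from the OWIN cookie being a self-contained encrypted ticket: `SignOut` only instructs the browser to delete it, so a saved copy stays valid until the ticket expires unless the server checks something per request. The following added example (not the poster's code, and not an answer from the thread) shows the usual mitigation in the ASP.NET Identity template: validate the user's security stamp on every request and rotate the stamp on logout. It assumes the default template type names (`ApplicationUserManager`, `ApplicationUser`, `GenerateUserIdentityAsync`) and the `UserManager`/`AuthenticationManager` properties the template's `AccountController` already has.

```csharp
// Added example, not the poster's code. Assumes the default ASP.NET Identity
// template types; replaces ConfigureAuth in Startup.Auth.cs and the logout action.
using System;
using System.Threading.Tasks;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Owin;

public partial class Startup
{
    public void ConfigureAuth(IAppBuilder app)
    {
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = new CookieAuthenticationProvider
            {
                // Re-check the stored security stamp on every request (TimeSpan.Zero).
                // The template default of 30 minutes is the window in which a
                // replayed cookie keeps working after logout.
                OnValidateIdentity = SecurityStampValidator
                    .OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                        validateInterval: TimeSpan.Zero,
                        regenerateIdentity: (manager, user) =>
                            user.GenerateUserIdentityAsync(manager))
            }
        });
    }
}

// The template's AccountController; only the logout action changes.
public class AccountController : Controller
{
    [HttpPost]
    [ValidateAntiForgeryToken]
    [Authorize]
    public async Task<ActionResult> LogOut()
    {
        // Rotating the stamp invalidates every ticket issued before this point,
        // including a copy saved with a cookie editor.
        await UserManager.UpdateSecurityStampAsync(User.Identity.GetUserId());
        // SignOut alone only tells this browser to drop the cookie.
        AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
        return RedirectToAction("Index", "Home");
    }
}
```

Validating on every request costs a database lookup per authenticated request; a short non-zero `validateInterval` is the usual compromise, and the replayed cookie then only works for at most that interval after logout.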