Hey guys,

there is a major issue with session handling.
This is a security issue since sessions can be stolen and used across devices.

To replicate try this:

  • Login to the forum (Browser A)
  • Save the Session you find inside the cookie
  • Open another browser (Browser B)
  • Open the forum in said browser (Browser B)
  • Edit the cookie and add your session
  • Log out in the other browser (Browser A)
  • Refresh (Browser B)
  • You should be logged in