Full title: Textpattern 4.8.8 Session Token Disclosure Vulnerability 
Category: web applications
Platform: php
Textpattern version 4.8.8 logs the session token in a GET request where it may end up getting disclosed in logs or via a referer.

# 0day.today @ http://0day.today/