Description
The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions.
Remediation
References
Related Vulnerabilities
WordPress Plugin YITH WooCommerce Product Bundles Security Bypass (1.1.15)
WordPress Plugin Pinterest 'Pin It' Button Multiple Unspecified Vulnerabilities (1.3.1)
WordPress Plugin Sidebar Adder 2 Cross-Site Scripting (2.0.0)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3056)