CVE-2022-2306
Old session tokens can be used to authenticate to the application and send authenticated requests.
Date published : 2022-07-05
https://huntr.dev/bounties/35acf263-6db4-4310-ab27-4c3c3a53f796
https://github.com/heroiclabs/nakama/commit/ce8d3921e2acd44ef8b5e6edfe595b6df067b166