CVE-2023-37504 — HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate authenticated sessions when the log out functionality is called. If the session identifier can be disc — CVE Database · The Intelligence Room