CVE-2025-24859 — A session management vulnerability exists in Apache Roller before version 6.1.5 where active user sessions are not properly invalidated after password changes. When a user's password is changed, e — CVE Database · The Intelligence Room