A session management vulnerability exists in gugoan's Economizzer
v.0.9-beta1. The application fails to properly invalidate user sessions
upon logout or other session termination events. As a result, a valid
session remains active and usable even after the user has attempted to log
out.



POST /web/category/create HTTP/2

Host: <host>

Cookie: _economizzerSessionId=<<REDACTED>>;