[MEDIUM] Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite

PKSA-wm5r-h6h3-m2pf CVE-2025-27794 GHSA-hg9j-64wp-m9px

Affected package: flarum/core

Affected version: <1.8.10

Reported by:
GitHub