This frequently happens to me - I open the website and I am briefly logged in as another user as can be seen at the top right corner. It takes about a second and then I’m logged in as myself again. Managed to take a quick screenshot before it changed back.
The website theme is also changed from what I have it set to.
I find it a bit concerning how frequently this happens. Anyone have any idea as to why this happens?
Oh-oh someone might have configured caching wrong…
Like what happened to Steam in 2015: https://www.bleepingcomputer.com/news/security/steam-caching-error-leads-to-account-disclosure/
That’s a good guess. Mentioning our brave admins @gaywallet @alyaza to bring this to your attention.
You may want to read this and review caching headers and settings https://www.sans.org/blog/security-impact-of-http-caching-headers/
Edit: struggling with user mention syntax