4 matches found
CVE-2022-44788
An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that is issued by the server at the first visit, the cookie value is not updated after a successful login...
CVE-2022-44788
creationtimestamp| type| source ---|---|--- 2022-11-22 02:56:23+00:00| seen| https://t.me/cibsecurity/53294...
CVE-2022-44788
CVE-2022-44788 affects Appalti & Contratti 9.12.2. The issue is session fixation caused by a JSESSIONID cookie issued on first visit not being updated after login, enabling potential session hijacking. The CVSS v3.1 base score is 6.5 (MEDIUM): Network attack vector, low attack complexity, no priv...
CVE-2022-44788
An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that is issued by the server at the first visit, the cookie value is not updated after a successful login...