CVE-2006-4099
CVE-2006-4099 concerns Business Objects Crystal Enterprise 9 and 10, where the system generates predictable session identifiers, allowing remote attackers to hijack other users’ sessions through the WCSID cookie. The connected documents confirm the vulnerable component and the impact (session hij...