2 matches found
CVE-2008-6569
Session fixation vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to hijack web sessions via the session ID in the login page...
CVE-2008-6569
Cybozu Garoon 2.0.0–2.1.3 is affected by a session-fixation vulnerability that can allow a remote attacker to impersonate a logged-in user by supplying a session ID on login. Root cause is session handling during authentication, leading to session hijacking. Impact stated across connected sources...