CVE-2013-7302
CVE-2013-7302 affects the Ubercart module for Drupal (versions 6.x-2.x before 6.x-2.13 and 7.x-3.x before 7.x-3.6). The root cause is a session fixation flaw when the “Log in new customers after checkout” option is enabled, allowing an attacker to hijack a user’s session by leveraging knowledge o...