5 matches found
CVE-2023-3394
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1...
CVE-2023-3394
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1...
CVE-2023-3394 Session Fixation in fossbilling/fossbilling
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1...
CVE-2023-3394 Session Fixation in fossbilling/fossbilling
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1...
CVE-2023-3394
The CVE-2023-3394 entry describes a Session Fixation flaw in FossBilling (fossbilling/fossbilling) prior to version 0.5.1. The root cause is failing to regenerate the session identifier (PHPSESSID) after user authentication, allowing an attacker to fix a session before login and potentially acces...