7 matches found
UBUNTU-CVE-2009-10007
Catalyst::Plugin::Authentication versions before 0.10027 for Perl are susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...
wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters
A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...
wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters
A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...
wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters
A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...
wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters
A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...
Red Hat Keycloak Authorization Issue Vulnerability
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An authorization issue vulnerability exists in Red Hat Keycloak that stems from a session fixation issue discovered in the SAML adapter. Even i...
Session Fixation
Overview: tribalsystems/zenario (Zenario) is a web-based content management system for sites with one or many languages. Affected versions of this package are vulnerable to Session Fixation such that the user session identifier authentication token is issued to the browser prior to authenticati...