
7 matches found

OSV
added 2026/06/09 9:16 a.m., 6 views

UBUNTU-CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10027 for Perl are susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

9.1 CVSS, 5.5 AI score, 0.00369 EPSS
Exploits: 0, References: 7

RedHat Linux
added 2024/09/09 4:9 p.m., 2 views

wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters

A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...

7.1 CVSS, 5.8 AI score, 0.008 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2024/09/09 4:2 p.m., 10 views

wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters

A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...

7.1 CVSS, 5.8 AI score, 0.008 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2024/09/09 4:1 p.m., 3 views

wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters

A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...

7.1 CVSS, 5.8 AI score, 0.008 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2024/09/09 4:0 p.m., 7 views

wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters

A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authenticati...

7.1 CVSS, 5.8 AI score, 0.008 EPSS
Exploits: 0, References: 5

CNNVD
added 2024/09/09 12:0 a.m., 27 views

Red Hat Keycloak Authorization Issue Vulnerability

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An authorization issue vulnerability exists in Red Hat Keycloak that stems from a session fixation issue discovered in the SAML adapter. Even i...

7.1 CVSS, 4.3 AI score, 0.008 EPSS
Exploits: 0, References: 14

Snyk
added 2022/11/18 12:41 p.m., 1 views

Session Fixation

Overview: tribalsystems/zenario (Zenario) is a web-based content management system for sites with one or many languages. Affected versions of this package are vulnerable to Session Fixation such that the user session identifier authentication token is issued to the browser prior to authenticati...

6.3 CVSS, 7.1 AI score, 0.00443 EPSS
Exploits: 1, References: 2