📄 iDempiere WebUI 12.0.0.202508171158 Session Fixation
iDempiere WebUI version 12.0.0.202508171158 suffers from a session fixation vulnerability. The application does not issue a new session identifier JSESSIONID after successful authentication. An attacker who can set or predict a victim’s session ID prior to login may hijack the victim’s...