github.com/argoproj/argo-cd is susceptible to session fixation. The attack exists because its authentication system issued immutable tokens without expiration, allowing an user to reuse the token without re-authentication.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/argoproj/argo-cd | le | v2.4.8 | |
github.com/argoproj/argo-cd | le | v2.4.8 |