Vulnerabilities > Session Fixation
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-12 | CVE-2023-37946 | Session Fixation vulnerability in Jenkins OpenShift Login: Jenkins OpenShift Login Plugin 1.1.0.227.v27e08dfb_1a_20 and earlier does not invalidate the previous session on login. | 8.8 |
2023-06-23 | CVE-2023-3394 | Session Fixation vulnerability in Fossbilling: Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. | 5.4 |
2023-06-15 | CVE-2023-28809 | Session Fixation vulnerability in Hikvision products: Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. | 7.5 |
2023-06-11 | CVE-2023-3192 | Session Fixation vulnerability in Froxlor: Session Fixation in GitHub repository froxlor/froxlor prior to 2.1.0. | 5.4 |
2023-05-16 | CVE-2023-32997 | Session Fixation vulnerability in Jenkins CAS: Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login. | 8.8 |
2023-05-11 | CVE-2023-31498 | Session Fixation vulnerability in PHPgurukul Hospital Management System 4.0: A privilege escalation issue found in PHP Gurukul Hospital Management System v.4.0 allows a remote attacker to execute arbitrary code and access sensitive information via the session token parameter. | 9.8 |
2023-05-09 | CVE-2023-28316 | Session Fixation vulnerability in Rocket.Chat: A security vulnerability has been discovered in the implementation of 2FA on the Rocket.Chat platform, where other active sessions are not invalidated upon activating 2FA. | 9.8 |
2023-05-09 | CVE-2023-30056 | Session Fixation vulnerability in FICO Origination Manager Decision 4.8.1: A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie. | 7.5 |
2023-05-03 | CVE-2023-1265 | Session Fixation vulnerability in GitLab: An issue has been discovered in GitLab affecting all versions starting from 11.9 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. | 4.5 |
2023-04-21 | CVE-2023-29019 | Session Fixation vulnerability in Fastify Passport: @fastify/passport is a port of passport authentication library for the Fastify ecosystem. | 8.1 |