Vulnerabilities > Session Fixation

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2023-04-21 | CVE-2023-29019 | Session Fixation vulnerability in Fastify Passport | @fastify/passport is a port of passport authentication library for the Fastify ecosystem. | network | low | fastify | CWE-384 | 8.1 |
| 2023-04-15 | CVE-2023-2105 | Session Fixation vulnerability in Easyappointments | Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | network | low | easyappointments | CWE-384 | 8.8 |
| 2023-03-09 | CVE-2023-27490 | Session Fixation vulnerability in Nextauth.Js Next-Auth | NextAuth.js is an open source authentication solution for Next.js applications. | network | low | nextauth-js | CWE-384 | 8.8 |
| 2023-02-16 | CVE-2021-42761 | Session Fixation vulnerability in Fortinet Fortiweb | A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 through 6.3.16, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 through 6.0.7, 5.9.0 through 5.9.1 may allow a remote, unauthenticated attacker to infer the session identifier of other users and possibly usurp their session. | network | low | fortinet | CWE-384 | critical 9.8 |
| 2023-02-03 | CVE-2022-24895 | Session Fixation vulnerability in Sensiolabs Symfony | Symfony is a PHP framework for web and console applications and a set of reusable PHP components. | network | low | sensiolabs | CWE-384 | 8.8 |
| 2023-01-26 | CVE-2023-24424 | Session Fixation vulnerability in Jenkins Openid Connect Authentication | Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login. | network | low | jenkins | CWE-384 | 8.8 |
| 2023-01-26 | CVE-2023-24427 | Session Fixation vulnerability in Jenkins Bitbucket Oauth | Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login. | network | low | jenkins | CWE-384 | critical 9.8 |
| 2023-01-26 | CVE-2023-24456 | Session Fixation vulnerability in Jenkins Keycloak Authentication | Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login. | network | low | jenkins | CWE-384 | critical 9.8 |
| 2023-01-20 | CVE-2021-29368 | Session Fixation vulnerability in Cuppacms | Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gain access to arbitrary user sessions. | network | low | cuppacms | CWE-384 | 8.8 |
| 2023-01-10 | CVE-2023-22479 | Session Fixation vulnerability in Fit2Cloud Kubepi | KubePi is a modern Kubernetes panel. | network | low | fit2cloud | CWE-384 | 6.5 |