Vulnerabilities > Session Fixation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-15 | CVE-2023-2105 | Session Fixation vulnerability in Easyappointments Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | 8.8 |
| 2023-03-09 | CVE-2023-27490 | Session Fixation vulnerability in Nextauth.Js Next-Auth NextAuth.js is an open source authentication solution for Next.js applications. | 8.8 |
| 2023-02-16 | CVE-2021-42761 | Session Fixation vulnerability in Fortinet Fortiweb A condition for session fixation vulnerability [CWE-384] in the session management of FortiWeb versions 6.4 all versions, 6.3.0 through 6.3.16, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 through 6.0.7, 5.9.0 through 5.9.1 may allow a remote, unauthenticated attacker to infer the session identifier of other users and possibly usurp their session. | 9.8 |
| 2023-02-03 | CVE-2022-24895 | Session Fixation vulnerability in Sensiolabs Symfony Symfony is a PHP framework for web and console applications and a set of reusable PHP components. | 8.8 |
| 2023-01-26 | CVE-2023-24424 | Session Fixation vulnerability in Jenkins Openid Connect Authentication Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login. | 8.8 |
| 2023-01-26 | CVE-2023-24427 | Session Fixation vulnerability in Jenkins Bitbucket Oauth Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login. | 9.8 |
| 2023-01-26 | CVE-2023-24456 | Session Fixation vulnerability in Jenkins Keycloak Authentication Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate the previous session on login. | 9.8 |
| 2023-01-20 | CVE-2021-29368 | Session Fixation vulnerability in Cuppacms Session fixation vulnerability in CuppaCMS thru commit 4c9b742b23b924cf4c1f943f48b278e06a17e297 on November 12, 2019 allows attackers to gain access to arbitrary user sessions. | 8.8 |
| 2023-01-10 | CVE-2023-22479 | Session Fixation vulnerability in Fit2Cloud Kubepi KubePi is a modern Kubernetes panel. | 6.5 |
| 2023-01-06 | CVE-2014-125048 | Session Fixation vulnerability in Kluks Xingwall A vulnerability, which was classified as critical, has been found in kassi xingwall. | 5.4 |