Gibbon · Gibbon · CVE-2022-27305
**Name of the Vulnerable Software and Affected Versions**
Gibbon version v23
**Description**
The issue arises because the application does not generate a new session ID cookie after a user authenticates, making it susceptible to session fixation.
**Recommendations**
For version v23, regenerate a new session ID cookie after user authentication to prevent session fixation.