Kubepi · Kubepi · CVE-2023-22479
**Name of the Vulnerable Software and Affected Versions**
KubePi versions 1.6.3 and below
**Description**
A session fixation attack allows an attacker to hijack a legitimate user session. This issue is related to a flaw in how the online application handles the session ID, particularly in susceptible web applications.
**Recommendations**
For versions 1.6.3 and below, upgrade to version 1.6.4 to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application until the update can be applied.