CVE-2021-29368

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions CuppaCMS versions prior to commit 4c9b742b23b924cf4c1f943f48b278e06a17e297

Description The issue allows attackers to gain access to arbitrary user sessions through a session fixation vulnerability.

Recommendations For versions prior to commit 4c9b742b23b924cf4c1f943f48b278e06a17e297, update to a version that includes the fix for this issue to prevent session fixation attacks.

Exploit

Fix

Session Fixation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-384

Related Identifiers

CVE-2021-29368

Affected Products

Cuppacms

CVE-2021-29368

Weakness Enumeration

Related Identifiers

Affected Products

References · 5