Search Results (415 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-52268 1 Freescout Helpdesk 1 Freescout 2026-04-15 9.1 Critical
The End-User Portal module before 1.0.65 for FreeScout sometimes allows an attacker to authenticate as an arbitrary user because a session token can be sent to the /auth endpoint. NOTE: this module is not part of freescout-helpdesk/freescout on GitHub.
CVE-2024-28144 2026-04-15 5.5 Medium
An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user.
CVE-2025-0126 1 Paloaltonetworks 1 Pan-os 2026-04-15 N/A
When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker. The SAML login for the PAN-OS® management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma® Access instances are proactively patched.
CVE-2024-25977 2026-04-15 7.3 High
The application does not change the session token when using the login or logout functionality. An attacker can set a session token in the victim's browser (e.g. via XSS) and prompt the victim to log in (e.g. via a redirect to the login page). This results in the victim's account being taken over.
CVE-2025-10228 1 Rolantis Information Technologies 1 Agentis 2026-04-15 8.8 High
Session Fixation vulnerability in Rolantis Information Technologies Agentis allows Session Hijacking.This issue affects Agentis: before 4.44.
CVE-2025-12390 1 Redhat 1 Build Keycloak 2026-04-15 6 Medium
A flaw was found in Keycloak. In Keycloak where a user can accidentally get access to another user's session if both use the same device and browser. This happens because Keycloak sometimes reuses session identifiers and doesn’t clean up properly during logout when browser cookies are missing. As a result, one user may receive tokens that belong to another user.
CVE-2025-70973 1 Scadabr 1 Scadabr 2026-04-07 4.8 Medium
ScadaBR 1.12.4 is vulnerable to Session Fixation. The application assigns a JSESSIONID session cookie to unauthenticated users and does not regenerate the session identifier after successful authentication. As a result, a session created prior to login becomes authenticated once the victim logs in, allowing an attacker who knows the session ID to hijack an authenticated session.
CVE-2023-53776 1 Dbbroadcast 3 Sft Dab 600\/c, Sft Dab 600\/c Firmware, Sft Dab Series 2026-04-07 8.8 High
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter.
CVE-2023-53775 1 Dbbroadcast 3 Sft Dab 600\/c, Sft Dab 600\/c Firmware, Sft Dab Series 2026-04-07 6.5 Medium
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change user passwords by exploiting weak session management controls. Attackers can reuse IP-bound session identifiers to issue unauthorized requests to the userManager API and modify user credentials without proper authentication.
CVE-2023-53741 1 Dbbroadcast 11 Sft Dab 015\/c, Sft Dab 015\/c Firmware, Sft Dab 050\/c and 8 more 2026-04-07 8.1 High
Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.
CVE-2026-25101 1 Bludit 1 Bludit 2026-04-03 9.8 Critical
Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in version 3.17.2.
CVE-2026-33946 2 Lfprojects, Modelcontextprotocol 2 Mcp Ruby Sdk, Ruby-sdk 2026-04-02 5.9 Medium
MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamable_http_transport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's Server-Sent Events (SSE) stream and intercept all real-time data. Version 0.9.2 contains a patch.
CVE-2024-7341 1 Redhat 8 Build Keycloak, Build Of Keycloak, Enterprise Linux and 5 more 2026-04-01 7.1 High
A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authentication to trigger session fixation.
CVE-2026-33757 1 Openbao 1 Openbao 2026-04-01 9.6 Critical
OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao does not prompt for user confirmation when logging in via JWT/OIDC and a role with `callback_mode` set to `direct`. This allows an attacker to start an authentication request and perform "remote phishing" by having the victim visit the URL and automatically log-in to the session of the attacker. Despite being based on the authorization code flow, the `direct` mode calls back directly to the API and allows an attacker to poll for an OpenBao token until it is issued. Version 2.5.2 includes an additional confirmation screen for `direct` type logins that requires manual user interaction in order to finish the authentication. This issue can be worked around either by removing any roles with `callback_mode=direct` or enforcing confirmation for every session on the token issuer side for the Client ID used by OpenBao.
CVE-2025-55266 2 Hcl, Hcltech 2 Aftermarket Dpc, Aftermarket Cloud 2026-03-27 5.9 Medium
HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user.
CVE-2026-33492 1 Wwbn 1 Avideo 2026-03-25 7.3 High
WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo's `_session_start()` function accepts arbitrary session IDs via the `PHPSESSID` GET parameter and sets them as the active PHP session. A session regeneration bypass exists for specific blacklisted endpoints when the request originates from the same domain. Combined with the explicitly disabled session regeneration in `User::login()`, this allows a classic session fixation attack where an attacker can fix a victim's session ID before authentication and then hijack the authenticated session. Commit 5647a94d79bf69a972a86653fe02144079948785 contains a patch.
CVE-2025-7014 2 Qr Menu Pro Smart Menu Systems, Qrmenumpro 2 Menu Panel, Menu Panel 2026-03-25 5.7 Medium
Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking.This issue affects Menu Panel: through 29012026.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-7015 1 Akinsoft 1 Qr Menu 2026-03-09 5.7 Medium
Session Fixation vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Session Fixation.This issue affects QR Menu: before s1.05.12.
CVE-2025-37159 1 Hpe 1 Arubaos-cx 2026-02-26 5.8 Medium
A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthorized access to the session, potentially leading to the view or modification of sensitive configuration data.
CVE-2022-2820 1 Namelessmc 1 Nameless 2026-02-25 7 High
Session Fixation in GitHub repository namelessmc/nameless prior to v2.0.2.