Session fixation vulnerability in Mambo 4.6.2 CMS allows remote malicious users to hijack web sessions by setting the Cookie parameter.
mambo mambo open source 4.6.2