Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and previous versions allows remote malicious users to hijack web sessions by setting the XTCsid parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xt-commerce xt-commerce |