Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 up to and including 3.6.9 and 3.8.x up to and including 3.8.5 allows remote malicious users to hijack web sessions by setting the session identifier via a manipulation that leverages a second web server within the same domain.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
bestpractical rt 3.6.6 |
||
bestpractical rt 3.6.7 |
||
bestpractical rt 3.8.4 |
||
bestpractical rt 3.8.5 |
||
bestpractical rt 3.0.1 |
||
bestpractical rt 3.0.10 |
||
bestpractical rt 3.0.7 |
||
bestpractical rt 3.0.7.1 |
||
bestpractical rt 3.6.1 |
||
bestpractical rt 3.6.2 |
||
bestpractical rt 3.8.0 |
||
bestpractical rt 3.8.1 |
||
bestpractical rt 3.4.2 |
||
bestpractical rt 3.4.3 |
||
bestpractical rt 3.0.2 |
||
bestpractical rt 3.0.3 |
||
bestpractical rt 3.0.4 |
||
bestpractical rt 3.2.0 |
||
bestpractical rt 3.2.1 |
||
bestpractical rt 3.6.3 |
||
bestpractical rt 3.6.4 |
||
bestpractical rt 3.6.5 |
||
bestpractical rt 3.8.2 |
||
bestpractical rt 3.8.3 |
||
bestpractical rt 3.4.4 |
||
bestpractical rt 3.4.5 |
||
bestpractical rt 3.0.5 |
||
bestpractical rt 3.0.6 |
||
bestpractical rt 3.2.2 |
||
bestpractical rt 3.2.3 |
||
bestpractical rt 3.4.6 |
||
bestpractical rt 3.6.0 |
||
bestpractical rt 3.6.8 |
||
bestpractical rt 3.6.9 |
||
bestpractical rt 3.4.0 |
||
bestpractical rt 3.4.1 |
||
bestpractical rt 3.0.11 |
||
bestpractical rt 3.0.12 |
||
bestpractical rt 3.0.9 |
||
bestpractical rt 3.0.8 |
Vulmon