8.8
CVSSv3

CVE-2022-27305

Published: 25/05/2022 Updated: 08/06/2022
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gibbonedu gibbon