Description
Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to gain privileges by tricking a user to click on a URL that fixes the session identifier.
Remediation
References
Related Vulnerabilities
WordPress Plugin WPE Indoshipping Multiple Remote File Inclusion Vulnerabilities (2.5.0)
Apache Tomcat CVE-2022-29885 Vulnerability (CVE-2022-29885)
WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3)
Moodle DEPRECATED: Code Vulnerability (CVE-2015-2270)
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-0219)