Vulnerabilities

CVE-2020-12258

by Fred · 18/05/2020

rConfig 3.9.4 is vulnerable to session fixation because session expiry and randomization are mishandled. The application can reuse a session via PHPSESSID. Also, an attacker can exploit this vulnerability in conjunction with CVE-2020-12256 or CVE-2020-12259.

Date published : 2020-05-18

https://gist.github.com/farid007/8855031bad0e497264e4879efb5bc9f8

Similar

Tags: Cybersecurity Alert