CNNVD-202510-2148 Information

CNNVD ID

CNNVD-202510-2148

Related CVE

CVE-2025-56746

• CNNVD Published: 2025-10-15

Description (Chinese)

Creativeitem Academy LMS是孟加拉国Creativeitem公司的一个在线学习管理系统。 Creativeitem Academy LMS 5.13及之前版本存在安全漏洞，该漏洞源于未在成功身份验证后重新生成会话ID，可能导致会话固定攻击。

Description (English)

Creativeitem Academy LMS is an online learning management system for Creativeitem in Bangladesh. There is a security loophole in Creativeitem Academy LMS 5.13 and earlier versions, which stems from the failure to recreate session ID after successful identification, which could lead to a fixed session attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Creativeitem

Published

2025-10-15

Last Modified

2026-02-24

References

https://suryadina.com/academy-lms-session-fixation-1t8v5n3q6h/ https://access.redhat.com/security/cve/cve-2025-56746