CVE-2022-27305 Information

Jun 07, 2022 cve

Description

Gibbon v23 does not generate a new session ID cookie after a user authenticates making the application vulnerable to session fixation.

Reference

http://gibbonedu.com http://gibbon.com https://github.com/GibbonEdu/core/security/advisories/GHSA-4mq5-8jvh-qq3p

Share on: