Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Session fixation vulnerability in the Ubercart module 6.x-2.x before 6.x-2.13 and 7.x-3.x before 7.x-3.6 for Drupal, when the "Log in new customers after checkout" option is enabled, allows remote attackers to hijack web sessions by leveraging knowledge of the original session ID.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Drupal Ubercart模块会话固定漏洞
Vulnerability Description
Ubercart是一套开源的电子商务套件,它可集成与Drupal的网上商店,并提供了购物车功能。 Drupal Ubercart模块6.x-2.13之前的6.x-2.x版本和7.x-3.6之前的7.x-3.x版本中存在会话固定漏洞,当开启‘Log in new customers after checkout’选项时,远程攻击者可通过已知的源会话ID利用该漏洞劫持Web会话。
CVSS Information
N/A
Vulnerability Type
N/A