Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that is issued by the server at the first visit, the cookie value is not updated after a successful login.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Maggioli SpA Appalti & Contratti 授权问题漏洞
Vulnerability Description
Maggioli SpA Appalti & Contratti是Maggioli SpA公司的一个模块化平台。由多个集成的 web 应用程序组成,以支持意大利公共行政部门对其流程进行计算机化和远程信息管理。 Maggioli SpA Appalti & Contratti 9.12.2版本存在安全漏洞,该漏洞源于允许会话固定,当用户登录时提供服务器在第一次访问时下发的JSESSIONID cookie,登录成功后cookie值不会更新。
CVSS Information
N/A
Vulnerability Type
N/A