Vulnerability Details CVE-2013-10075
Apache::Session versions through 1.94 for Perl re-creates deleted sessions.
The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.9%
CVSS Severity
CVSS v3 Score 9.1
References