CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-44788

An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that is issued by the server at the first visit, the cookie value is not updated after a successful login.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.6%

CVSS Severity

CVSS v3 Score 6.5

References

https://members.backbox.org/maggioli-appalti-contratti-multiple-vulnerabilities/
https://members.backbox.org/maggioli-appalti-contratti-multiple-vulnerabilities/

Products affected by CVE-2022-44788

Maggioli » Appalti & Contratti » Version: 9.12.2

cpe:2.3:a:maggioli:appalti_&_contratti:9.12.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-44788

Products

Pricing

Contact Us