Vulnerability Details CVE-2025-69602
A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who can set or predict a session ID to potentially hijack an authenticated session.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.6%
CVSS Severity
CVSS v3 Score 9.1
Products affected by CVE-2025-69602
-
cpe:2.3:a:altumcode:66biolinks:62.0.0