Security Advisory

CVE-2013-7302

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-04-29 14:00:00

Last updated 2024-08-06 18:01:20

Assigner mitre

State PUBLISHED

Description

Session fixation vulnerability in the Ubercart module 6.x-2.x before 6.x-2.13 and 7.x-3.x before 7.x-3.6 for Drupal, when the "Log in new customers after checkout" option is enabled, allows remote attackers to hijack web sessions by leveraging knowledge of the original session ID.

← Browse all CVEs View on cve.org ↗