Security Advisory

CVE-2023-53957

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-19 21:05:52
Last updated 2026-04-07 14:08:11
Assigner VulnCheck
State PUBLISHED

Description

Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies. Attackers can trick victims into executing a crafted PHP script that captures session cookie information and writes it to a file, enabling potential session hijacking.