CVE-2014-10400

Publication date

2020-02-06 15:26:31

Family

mitre

State

PUBLISHED

Description

The session.lua library in CGILua 5.0.x uses sequential session IDs, which makes it easier for remote attackers to predict the session ID and hijack arbitrary sessions. NOTE: this vulnerability was SPLIT from CVE-2014-2875.