Description
Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed modules "terminate the current request during a login event," allows remote attackers to hijack web sessions via unknown vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Shopping Cart & eCommerce Store Unspecified Vulnerability (3.1.9)
WordPress URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-4048)
WordPress Plugin VK Gallery TimThumb Arbitrary File Upload (1.1.0)
MySQL CVE-2022-21301 Vulnerability (CVE-2022-21301)
WordPress Plugin The Events Calendar Cross-Site Scripting (4.8.1)