Critical severity9.8NVD Advisory· Published Aug 23, 2017· Updated Jun 17, 2026
CVE-2017-12965
CVE-2017-12965
Description
Session fixation vulnerability in Apache2Triad 1.5.4 allows remote attackers to hijack web sessions via the PHPSESSID parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:apache2triad:apache2triad:1.5.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apache2triad:apache2triad:1.5.4:*:*:*:*:*:*:*
- (no CPE)range: =1.5.4
Patches
Vulnerability mechanics
References
4- hyp3rlinx.altervista.org/advisories/APACHE2TRIAD-SERVER-STACK-v1.5.4-MULTIPLE-CVE.txtnvdExploitThird Party Advisory
- packetstormsecurity.com/files/143863/Apache2Triad-1.5.4-CSRF-XSS-Session-Fixation.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/42520/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/100447nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.