Medium severity6.5NVD Advisory· Published Nov 21, 2022· Updated Jun 17, 2026
CVE-2022-44788
CVE-2022-44788
Description
An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that is issued by the server at the first visit, the cookie value is not updated after a successful login.
Affected products
2- Appalti & Contratti/Appalti & Contrattidescription
- Range: = 9.12.2
Patches
Vulnerability mechanics
References
1- members.backbox.org/maggioli-appalti-contratti-multiple-vulnerabilities/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.