VYPR
Medium severity6.5NVD Advisory· Published Nov 21, 2022· Updated Jun 17, 2026

CVE-2022-44788

CVE-2022-44788

Description

An issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that is issued by the server at the first visit, the cookie value is not updated after a successful login.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.