CVE-2006-1228

CVE-2006-1228 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to gain privileges by tricking a user to click on a URL that fixes the session identifier.

Learn more about our User Device Pen Test.