Improper Session Fixation Protection in Infinispan-Spring Session Integration

Improper Session Fixation Protection in Infinispan-Spring Session Integration

CVE-2019-10158 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Session integration can result in incorrect session handling.

Learn more about our Web Application Penetration Testing UK.