Session Fixation Vulnerability in Franklin Fueling Systems System Sentinel AnyWare (SSA) Version 1.6.24.492

Session Fixation Vulnerability in Franklin Fueling Systems System Sentinel AnyWare (SSA) Version 1.6.24.492

CVE-2023-48929 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information.

Learn more about our Web Application Penetration Testing UK.