IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. IBM X-Force ID: ...

A Session Fixation vulnerability exists in chatwoot/chatwoot versions prior to 2.4.0. The application does not invalidate existing sessions on other devices when a user changes their password, allowin...

A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and ...

HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session.

The Service Layer in SAP Business One, allows attackers to potentially gain unauthorized access and impersonate other users in the application to perform unauthorized actions. Due to the improper sess...

Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced.