CVE-2022-31888

High

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.

mitre·CWE-384·Published 2023-04-05

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

97 chars

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.

NVDen

97 chars

Session Fixation vulnerability in in function login in class.auth.php in osTicket through 1.16.2.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	8.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H