Session Fixation Vulnerability in OpenText Exceed OnDemand Product
CVE-2013-6994
Currently unrated
Summary
OpenText Exceed OnDemand version 8 is prone to a session fixation vulnerability due to transmitting session IDs in cleartext over the network. This flaw allows remote attackers to intercept the session ID and potentially take control of user sessions. Ensuring secure transmission protocols and implementing session management best practices are essential to mitigate risks associated with this vulnerability.
References
Timeline
Vulnerability published
Vulnerability Reserved