
This queue is for tickets about the VK CPAN distribution.

Report information
The Basics
Id: 129948
Status: new
Priority: 0/
Queue: VK

People
Owner: Nobody in particular
Requestors: abdullahmalik9x [...] gmail.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: Bug report: Session Fixation.
Date: Mon, 1 Jul 2019 00:53:31 +0500
To: bug-VK [...] rt.cpan.org
From: Abdullah Malik9x <abdullahmalik9x [...] gmail.com>
Vulnerability: Session Fixation.

There exists a Session Fixation vulnerability on your website. This allows an attacker to successfully log in to the victim's account without any authentication if he gets the victim's cookies.

Steps to reproduce:
1- Sign in to your account.
2- Copy the cookies and log out.
3- Destroy/delete the cookies which are present and paste the cookie.
4- Refresh the page. (You will be logged in directly.)

Proof of concept: If you want a proof of concept through video, do respond back.

Thank you.

Best Regards,
Abdullah Malik.
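
Added example, not part of the ticket and not code from the VK distribution: a minimal server-side session table showing the check a maintainer would run against the reported steps, namely whether a cookie saved before logout still authenticates, and whether a session id set before login is kept after login. The `SessionStore` class, its method names and the sample user are assumptions made for illustration.

```python
import secrets


class SessionStore:
    """Hypothetical server-side session table: session id -> user."""

    def __init__(self, hardened):
        self.hardened = hardened
        self.sessions = {}

    def login(self, user, presented_sid=None):
        if self.hardened or presented_sid is None:
            # Never adopt an id the client supplied; drop it and mint a new one.
            self.sessions.pop(presented_sid, None)
            sid = secrets.token_urlsafe(32)
        else:
            sid = presented_sid  # weak: pre-login id is reused after login
        self.sessions[sid] = user
        return sid

    def logout(self, sid):
        if self.hardened:
            self.sessions.pop(sid, None)  # destroy the server-side record
        # weak: only the browser cookie is cleared; the record stays valid

    def whoami(self, sid):
        return self.sessions.get(sid)


def replay_after_logout(store):
    """User that a cookie saved before logout still authenticates as."""
    saved = store.login("alice")  # constructed sample user
    store.logout(saved)
    return store.whoami(saved)


def id_survives_login(store):
    """True if an id set before login is still the session id after login."""
    preset = "constructed-preset-id"  # constructed sample value
    return store.login("alice", presented_sid=preset) == preset


if __name__ == "__main__":
    for hardened in (False, True):
        store = SessionStore(hardened)
        print(hardened, replay_after_logout(store), id_survives_login(store))
```

Both functions can be kept as regression checks: the hardened store must return `None` for the replayed cookie and `False` for the preset id.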