CVE-2025-56746 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful authentication, enabling session fixation attacks where attack…
Low CVSS: 2.2

CVE-2025-56746

Creativeitem Academy LMS up to and including 5.13 does not regenerate session IDs upon successful authentication, enabling session fixation attacks where attackers can hijack user sessions by predetermining session identifiers.
Vendor
Creativeitem
Product
Academy Lms
CWE
CWE-384
Yayın Tarihi
2025-10-15 14:15:52
Güncelleme
2025-10-23 19:42:22
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-384 Academy Lms LOW Creativeitem 2025

Referanslar

https://suryadina.com/academy-lms-session-fixation-1t8v5n3q6h/