9.1
/ 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
A session fixation vulnerability exists in 66biolinks v62.0.0 by AltumCode, where the application does not regenerate the session identifier after successful authentication. As a result, the same session cookie value is reused for users logging in from the same browser, allowing an attacker who can set or predict a session ID to potentially hijack an authenticated session.
Basic Information
ID
CVE-2025-69602
Source
mitre
Published
Jan 28, 2026 at 00:00
Modified
Jan 29, 2026 at 20:05
Affected Product
Vendor
n/a
Product
n/a
Version
n/a
Affected Versions
n/a n/a n/a