Vulnerability in Opensolution Quickcms
CVE-2026-33384
QuickCMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authent…
EPSS: 0.000 (7.7th percentile) — read the EPSS interpretation.
Affected products
- Opensolution Quickcms — versions 0
Weakness classification (CWE)
References
- cvd@cert.pl (third-party-advisory)
- cvd@cert.pl (product)