osCommerce 'oscid' Session Fixation Vulnerability

osCommerce 'oscid' Session Fixation Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim into following a malicious URI.

The following example URI is available:

http://www.example.com/myapp/index.php?oscid=arbitrarysession