Zen Cart Session Fixation Vulnerability

Zen Cart Session Fixation Vulnerability

Zen Cart is prone to a session-fixation vulnerability. This issue stems from a design error in the application.

When the unsuspecting victim logs in, an attacker can hijack the session and gain unauthorized access to the affected application.

Zen Cart 1.3.7 is vulnerable to this issue; other versions may also be vulnerable.