ryanhowdy / fcms

Family Connections - Create a private family website.
http://www.familycms.com
GNU General Public License v2.0

Session Fixation Vulnerability [$15] #537

Open akoul opened 8 years ago

akoul commented 8 years ago

fcms 3.6.2 is vulnerable to Session Fixation. The app does not change the session ID (PHPSESSID) after successful authentication. Also, the app accepts a user-set session ID. This could allow an attacker to force a user to log in using the attacker's session ID. Once the user logs in, the attacker can then use the same session ID to gain access to the user's account.

Reference - https://www.owasp.org/index.php/Session_fixation

There is a $15 open bounty on this issue.
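The two defects in the report map to two server-side controls: refuse session IDs the server never issued, and rotate the ID at the moment privilege changes (login). The following PHP is an added example written for this thread, not code from fcms; `verify_credentials()` is a hypothetical stand-in for the application's own user lookup, and the session key names are illustrative.

```php
<?php
// Added example (not fcms's own code): a login flow hardened against session
// fixation. Hypothetical pieces: verify_credentials() stands in for the
// application's user lookup; $_SESSION key names are illustrative.

// 1. Reject session IDs the server never issued. With strict mode on, PHP
//    ignores an uninitialized PHPSESSID supplied by the client (cookie or URL)
//    and generates a fresh one, so a pre-chosen ID is never adopted.
ini_set('session.use_strict_mode', '1');
// Keep the ID out of URLs and out of reach of script; send it only over TLS.
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', '0');
session_set_cookie_params([
    'httponly' => true,
    'secure'   => true,
    'samesite' => 'Lax',
]);
session_start();

function verify_credentials(string $user, string $password): ?int
{
    // Hypothetical stand-in for the user store: returns the user id on
    // success, null otherwise. The fixture user is constructed for this
    // example; a real lookup reads a stored password_hash() from the DB.
    $fixture = ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];
    if (isset($fixture[$user]) && password_verify($password, $fixture[$user])) {
        return 1;
    }
    return null;
}

function login(string $user, string $password): bool
{
    $userId = verify_credentials($user, $password);
    if ($userId === null) {
        return false;
    }

    // 2. The fix for the reported defect: issue a new session ID on
    //    privilege change. Whatever ID the client held before authenticating,
    //    chosen by the client or merely observed by a third party, no longer
    //    maps to the logged-in session. The `true` argument deletes the old
    //    session data so the stale ID cannot be revived.
    session_regenerate_id(true);

    $_SESSION['user_id']  = $userId;
    $_SESSION['login_at'] = time();
    return true;
}

function logout(): void
{
    // Drop server-side state and expire the cookie so the ID cannot be reused.
    $_SESSION = [];
    setcookie(session_name(), '', time() - 3600, '/');
    session_destroy();
}
```

To confirm the fix in a test environment, compare the `PHPSESSID` value in the `Set-Cookie` header before and after a successful login: a vulnerable build returns the same value, a fixed build returns a new one, and with `session.use_strict_mode` enabled an unknown `PHPSESSID` sent in the login request is replaced rather than adopted.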

akoul commented 8 years ago

Do you have credit/bounty program for reporting security vulnerabilities?

ryanhowdy commented 8 years ago

No sorry. If I could afford it, I would.

akoul commented 8 years ago

Please give appropriate credits for reporting this. Do let me know if you need any information from my side.

akoul commented 5 years ago

Thanks for this!