OpenSolution Quick.Cart Session Fixation Vulnerability

Vulnerability

A session fixation vulnerability has been identified in OpenSolution Quick.Cart version 6.7. This issue allows an attacker to set a user's session identifier before authentication, with the session ID remaining unchanged after authentication. As a result, an attacker can hijack an authenticated session by fixing the session ID for a victim.

Impact

Exploitation of this vulnerability allows for session hijacking, where an attacker can take over an authenticated user's session.

Added: Feb 5, 2026, 12:18 PM

Updated: Feb 5, 2026, 3:07 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

5.0

exploitability

6.5

remediation

0.0

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

5.0

exploitability

6.5

remediation

0.0

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenSolution Quick.Cart Session Fixation Vulnerability

Vulnerability

Impact

Affected Products

OpenSolution Quick.Cart

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating