Bludit Session Fixation Vulnerability

Vulnerability

A session fixation vulnerability has been identified in Bludit versions prior to 3.17.2. This issue allows an attacker to set a session identifier for a victim before authentication, with the session ID remaining unchanged after the victim logs in. As a result, the attacker can hijack the authenticated session.

Impact

Exploitation of this vulnerability allows for session hijacking, where an attacker can take over an authenticated user's session.

Remediation

Upgrade to Bludit version 3.17.2 or later, which addresses this vulnerability.
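The following is an added example, not Bludit's own code, modelling the mechanism described under Vulnerability and the class of fix the upgrade delivers: a hypothetical in-memory session store whose vulnerable login keeps the pre-authentication ID, a fixed login that rotates it on privilege change, and a regression check a defender can run against any login handler. The store, handler names and credential values are all constructed.

```python
import secrets

# Constructed credential table standing in for the real user database.
USERS = {"admin": "correct horse battery staple"}


class SessionStore:
    """Minimal server-side session table keyed by session ID (hypothetical)."""

    def __init__(self):
        self.sessions = {}

    def start(self, requested_id=None):
        # Accepting a client-supplied ID (e.g. a cookie the attacker planted)
        # is the precondition for fixation; modelled here, not recommended.
        sid = requested_id or secrets.token_hex(16)
        self.sessions.setdefault(sid, {"user": None})
        return sid

    def login_vulnerable(self, sid, username, password):
        """Pre-3.17.2 pattern: authenticate but keep the presented ID."""
        if USERS.get(username) != password:
            return None
        self.sessions[sid]["user"] = username
        return sid  # unchanged, so a pre-planted ID is now authenticated

    def login_fixed(self, sid, username, password):
        """Fixed pattern: rotate the ID on privilege change and drop the old
        one, the equivalent of PHP's session_regenerate_id(true)."""
        if USERS.get(username) != password:
            return None
        data = self.sessions.pop(sid, {"user": None})  # old ID stops working
        data["user"] = username
        new_sid = secrets.token_hex(16)
        self.sessions[new_sid] = data
        return new_sid

    def user_for(self, sid):
        return self.sessions.get(sid, {}).get("user")


def session_id_rotates_on_login(store, login):
    """Regression check for any login handler: True only if an ID known
    before authentication is neither reused nor still valid after it."""
    pre_auth_id = store.start("id-planted-before-login")  # constructed value
    post_auth_id = login(pre_auth_id, "admin", USERS["admin"])
    return (post_auth_id is not None and post_auth_id != pre_auth_id
            and store.user_for(pre_auth_id) is None)
```

Run the check with `store = SessionStore()` and `session_id_rotates_on_login(store, store.login_fixed)`; it returns False for the vulnerable handler and True for the fixed one.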

Added: Mar 27, 2026, 12:21 PM
Updated: Mar 27, 2026, 12:21 PM

Vulnerability Rating

Custom Algorithm

spread: 2.2
impact: 1.3
exploitability: 6.4
remediation: 7.7
relevance: 4.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.