CVE-2022-4231

MEDIUM

Tribal Systems Zenario CMS 9.3.57595 - Session Fixation

Title source: llm

Description

A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS 9.3.57595. This issue affects some unknown processing of the component Remember Me Handler. The manipulation leads to session fixiation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214589 was assigned to this vulnerability.

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://github.com/lithonn/bug-report/tree/main/vendors/tribalsystems/zenario/session-fixation

View Exploit ZIP pw:eip

Third Party Advisory

https://vuldb.com/?id.214589

Scores

CVSS v3 4.2

EPSS 0.0044

EPSS Percentile 35.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-384

Status published

Products (2)

tribalsystems/zenario 9.3.57595

tribalsystems/zenario 0Packagist

Published Nov 30, 2022

Tracked Since Feb 18, 2026