cve/2023/CVE-2023-22479.md

### [CVE-2023-22479](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22479)
![](https://img.shields.io/static/v1?label=Product&message=KubePi&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%201.6.3%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-384%3A%20Session%20Fixation&color=brighgreen)

### Description

KubePi is a modern Kubernetes panel. A session fixation attack allows an attacker to hijack a legitimate user session, versions 1.6.3 and below are susceptible. A patch will be released in version 1.6.4.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/alopresto/epss_api_demo
- https://github.com/alopresto6m/epss_api_demo
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-22479](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22479)`
			`![](https://img.shields.io/static/v1?label=Product&message=KubePi&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%201.6.3%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-384%3A%20Session%20Fixation&color=brighgreen)`

			`### Description`

			`KubePi is a modern Kubernetes panel. A session fixation attack allows an attacker to hijack a legitimate user session, versions 1.6.3 and below are susceptible. A patch will be released in version 1.6.4.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/alopresto/epss_api_demo`
			`- https://github.com/alopresto6m/epss_api_demo`