CVE-2026-2177
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
3Description
A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Analysis
SourceCodester Prison Management System 1.0 contains a session fixation vulnerability in its login component that allows unauthenticated remote attackers to hijack user sessions. Public exploit code exists for this vulnerability, which enables attackers to impersonate legitimate users and gain unauthorized access to the system. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all systems running Prison Management System 1.0 and isolate them from production networks if possible; enable enhanced logging and monitoring on login attempts. Within 7 days: Implement network-based access controls (WAF/IPS rules) to block exploit patterns if identifiable; contact SourceCodester for patch timeline and workaround guidance; conduct security assessment of any login anomalies. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today