CVE-2026-14609
Received - Intake

Session Fixation in CET Automated Grading System with AI Predictive Analytics

Publication date: 2026-07-03

Last updated on: 2026-07-03

Assigner: VulDB

Description

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This issue affects some unknown processing. The manipulation results in session fixation. The attack can be executed remotely. The attack requires a high level of complexity. The exploitability is assessed as difficult. The exploit is now public and may be used.

Meta Information

Published: 2026-07-03
Last Modified: 2026-07-03
Generated: 2026-07-04
AI Q&A: 2026-07-04
EPSS Evaluated: N/A

Affected Vendors & Products

Showing 1 associated CPE
Vendor: sourcecodester
Product: cet_automated_grading_system
Version / Range: 1.0

CWE

CWE ID: CWE-384
Description: Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.

Executive Summary

This vulnerability exists in the SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. It involves an issue with some unknown processing that leads to session fixation. Session fixation is a type of attack where an attacker tricks a user into using a specific session ID, allowing the attacker to hijack the user's session.

The attack can be executed remotely but requires a high level of complexity, making it difficult to exploit. Despite this, the exploit is publicly available and could be used by attackers.

Impact Analysis

The vulnerability can allow an attacker to hijack a user's session by exploiting session fixation. This can lead to unauthorized access to the affected system with the privileges of the victim user.

Because the attack requires a high level of complexity and is difficult to exploit, the risk might be moderate. However, since the exploit is public, there is a potential risk of compromise if the system is not properly secured.

Compliance Impact

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.
