ID: 00818
Ref: 546575
Date: 28 November 2006:11:46:01
Version: 1
Title: Predictable session identifiers in Crystal Reports
Abstract: The way in which the web interface for Crystal Reports stores a session identifier could allow an attacker to hijack an authenticated session.
Document link: Predictable session identifiers in Crystal Reports