CVE-2016-9125 — Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful aut — CVE Database · The Intelligence Room