CVE-2019-10158: infinispan: Session fixation protection broken for Spring Session integration

Severity: Critical

CVSS Score: 9.8

A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Session integration can result in incorrect session handling.