Session Fixation in GitHub repository snipe/snipe-it prior to version 6.0.10. The session is not invalidated after a password change.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-2997
https://github.com/snipe/snipe-it/commit/6fde72a69335c80079…