GHSA-gqmh-5xmq-3fhg, CVE-2010-3671
packagist/typo3/cms-install
Session Fixation
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session.
All versions before 4.1.14, all versions starting from 4.2.0 before 4.2.13, all versions starting from 4.3.0 before 4.3.4, all versions starting from 4.4.0 before 4.4.1
Upgrade to versions 4.1.14, 4.2.13, 4.3.4, 4.4.1 or above.
2024-02-09
source |