CVE-2010-3671

Session Fixation in packagist/typo3/cms-install

Identifiers

GHSA-gqmh-5xmq-3fhg, CVE-2010-3671

Package Slug

packagist/typo3/cms-install

Vulnerability

Session Fixation

Description

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session.

Affected Versions

All versions before 4.1.14, all versions starting from 4.2.0 before 4.2.13, all versions starting from 4.3.0 before 4.3.4, all versions starting from 4.4.0 before 4.4.1

Solution

Upgrade to versions 4.1.14, 4.2.13, 4.3.4, 4.4.1 or above.

Last Modified

2024-02-09

source