composer›silverstripe/hybridsessions›CVE-2022-244446.5 MEDIUMHybridsessions does not expire session id on logoutSilverstripe silverstripe/framework through 4.10 allows Session Fixation.