Description
mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
Remediation
References
Related Vulnerabilities
Atlassian Jira CVE-2019-20403 Vulnerability (CVE-2019-20403)
MySQL Other Vulnerability (CVE-2010-3838)
WordPress Plugin Google Analytics Top Content Widget Cross-Site Scripting (1.5.6)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-21336)
WordPress Plugin Advanced Contact form 7 DB Information Disclosure (1.1.0)