Description

Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.

Remediation

References

CVE-2011-4718

Related Vulnerabilities

MySQL CVE-2016-0616 Vulnerability (CVE-2016-0616)

PHP Other Vulnerability (CVE-2005-0525)

Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36238)

Dotclear Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3232)

WordPress Plugin Unite Gallery Lite Multiple Vulnerabilities (1.4.6)

Severity

Medium

Classification

CVE-2011-4718 CWE-264

Tags

Missing Update Known Vulnerabilities