Description

Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.

Remediation

References

CVE-2011-4718

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0125)

WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.7)

Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8167)

Python URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-1000110)

WordPress Plugin Management App for WooCommerce-Order notifications, Order management, Lead management, Uptime Monitoring Unspecified Vulnerability (1.2.3)

Severity

Medium

Classification

CVE-2011-4718 CWE-264

Tags

Missing Update Known Vulnerabilities