Description A session hijack risk was identified in the Shibboleth authentication plugin. Remediation References CVE-2021-40691 Related Vulnerabilities WordPress Plugin Password Protected Open Redirect (1.4) Oracle JRE CVE-2013-0437 Vulnerability (CVE-2013-0437) Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-33934) WordPress Plugin PropertyHive Remote Code Execution (1.4.25) WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.6.4) Severity Medium Classification CVE-2021-40691 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Tags Missing Update Known Vulnerabilities