Description SilverStripe through 4.3.3 allows session fixation in the "change password" form. Remediation References CVE-2019-12203 Related Vulnerabilities Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42117) MediaWiki Other Vulnerability (CVE-2005-3165) WordPress Plugin Stripe For WooCommerce Security Bypass (3.3.9) Django Use of Cache Containing Sensitive Information Vulnerability (CVE-2026-6907) Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130) Severity Medium Classification CVE-2019-12203 CWE-384 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities