Description

Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.

Remediation

References

CVE-2009-0256

Related Vulnerabilities

Oracle HTTP Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-21716)

WordPress Plugin User Registration-Custom Registration Form, Login Form, and User Profile Privilege Escalation (3.2.0.1)

WordPress Plugin Circles Gallery Cross-Site Scripting (1.0.10)

WordPress Plugin Contest Gallery-Photo Contest for WordPress Security Bypass (13.1.0.6)

WordPress Plugin Monarch Social Sharing Security Bypass (1.2.6)

Severity

High

Classification

CVE-2009-0256 CWE-287

Tags

Missing Update Known Vulnerabilities