Description

Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.

Remediation

References

CVE-2009-0256

Related Vulnerabilities

Envoy Proxy CVE-2020-25018 Vulnerability (CVE-2020-25018)

Jboss EAP Improper Input Validation Vulnerability (CVE-2018-1000873)

Open Resty Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2020-11724)

Joomla! Core Security Bypass (2.5.0 - 3.8.7)

WordPress Plugin VRView Cross-Site Scripting (1.1.3)

Severity

High

Classification

CVE-2009-0256 CWE-287

Tags

Missing Update Known Vulnerabilities