2 matches found
PT-2023-1575 · Symfony +4
Name of the Vulnerable Software and Affected Versions: Symfony versions prior to 4.4
Description: The issue is related to incorrect session management in Symfony, a PHP framework for web and console applications. When authenticating users, Symfony by default regenerates the session ID upon login...
Kajona cross-site scripting vulnerability (CNVD-2016-08093)
Kajona is an open source CMS written in PHP. A cross-site scripting attack vulnerability exists in Kajona version 4.7. An attacker can use this vulnerability to obtain cookies, inject keyloggers or bypass CSRF protection...