5 matches found
wildfly-elytron: session fixation when using FORM authentication
A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as...
PT-2020-12294 · Red Hat · Wildfly Elytron
Name of the Vulnerable Software and Affected Versions: WildFly Elytron versions 1.11.3.Final and earlier
Description: A flaw was found in WildFly Elytron when using FORM authentication with a session ID in the URL, allowing an attacker to perform a session fixation attack. This poses a threat to...
wildfly-elytron: session fixation when using FORM authentication
A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as...
wildfly-elytron: session fixation when using FORM authentication
A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as...
Red Hat WildFly Elytron License Issue Vulnerability
Red Hat WildFly Elytron is a security framework for application servers from Red Hat USA. The product supports features such as configuring administrative access to servers. An authorization issue vulnerability exists in Red Hat WildFly Elytron 1.11.3.Final and prior versions. The vulnerability...