6 matches found
CVE-2023-46733
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, SessionStrategyListener does not migrate the session after every successful login. It does so only in case the logged in...
CVE-2023-46733
The CVE-2023-46733 issue affects Symfony (PHP framework) in versions 5.4.21–5.4.30 and 6.2.7–6.3.7 where SessionStrategyListener does not always migrate the session after a login; it only regenerated when the user identifier changes. In some cases the identity may remain the same while the token ...
CVE-2023-46733 Symfony possible session fixation vulnerability
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, SessionStrategyListener does not migrate the session after every successful login. It does so only in case the logged in...
CVE-2023-46733: Possible session fixation
Affected versions Symfony versions =5.4.21, 5.4.31, and = 6.2.7, 6.3.8 of the Symfony Security HTTP component are affected by this security issue. The issue has been fixed in Symfony 5.4.31, 6.3.8. Description SessionStrategyListener does not always migrate the session after a successful login. I...
CVE-2023-46733: Possible session fixation
More info at https://symfony.com/cve-2023-46733...
CVE-2023-46733: Potential XSS in WebhookController
More info at https://symfony.com/cve-2023-46733...