Lucene search
+L

6 matches found

debiancve
debiancve
added 2023/11/10 5:9 p.m.53 views

CVE-2023-46733

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, SessionStrategyListener does not migrate the session after every successful login. It does so only in case the logged in...

6.5CVSS6.5AI score0.00689EPSS
Exploits0
cve
cve
added 2023/11/10 5:9 p.m.69 views

CVE-2023-46733

The CVE-2023-46733 issue affects Symfony (PHP framework) in versions 5.4.21–5.4.30 and 6.2.7–6.3.7 where SessionStrategyListener does not always migrate the session after a login; it only regenerated when the user identifier changes. In some cases the identity may remain the same while the token ...

6.5CVSS6.3AI score0.00689EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2023/11/10 5:9 p.m.19 views

CVE-2023-46733 Symfony possible session fixation vulnerability

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Starting in versions 5.4.21 and 6.2.7 and prior to versions 5.4.31 and 6.3.8, SessionStrategyListener does not migrate the session after every successful login. It does so only in case the logged in...

6.5CVSS6.7AI score0.00689EPSS
Exploits0References3
symfony
symfony
added 2023/11/10 12:0 a.m.67 views

CVE-2023-46733: Possible session fixation

Affected versions Symfony versions =5.4.21, 5.4.31, and = 6.2.7, 6.3.8 of the Symfony Security HTTP component are affected by this security issue. The issue has been fixed in Symfony 5.4.31, 6.3.8. Description SessionStrategyListener does not always migrate the session after a successful login. I...

6.5CVSS6.2AI score0.00689EPSS
Exploits0
friendsofphp
friendsofphp
added 1970/01/01 12:0 a.m.31 views

CVE-2023-46733: Possible session fixation

More info at https://symfony.com/cve-2023-46733...

6.5CVSS7.2AI score0.00689EPSS
Exploits0Affected Software1
friendsofphp
friendsofphp
added 1970/01/01 12:0 a.m.37 views

CVE-2023-46733: Potential XSS in WebhookController

More info at https://symfony.com/cve-2023-46733...

6.5CVSS7.2AI score0.00689EPSS
Exploits0Affected Software1
Rows per page
Query Builder