CodeIgniter 授权问题漏洞

CodeIgniter is an open source web framework written in PHP. An authorization issue vulnerability exists in CodeIgniter versions prior to 4.2.11, which stems from an attacker obtaining a session cookie when the application uses multiple session cookies, and the session handler is set to...

PT-2022-27784 · Unknown · Codeigniter

Name of the Vulnerable Software and Affected Versions: CodeIgniter versions prior to 4.2.11 Description: The issue arises when an application uses multiple session cookies and a session handler is set to DatabaseHandler, MemcachedHandler, or RedisHandler. If an attacker obtains one session cookie...