Vulnerabilities (CVE)

Filtered by vendor Enonic Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-23679 1 Enonic 1 Xp 2024-11-21 N/A 9.8 CRITICAL
Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes.