Vulnerability Database
Blog
FAQ
Docs
CVE-2022-24444
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-24444
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-24444.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-24444
Aliases
BIT-silverstripe-2022-24444
GHSA-c7q8-m4xw-c674
Published
2022-06-28T22:15:07Z
Modified
2024-10-12T09:15:10.301689Z
Severity
6.5 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVSS Calculator
Summary
[none]
Details
Silverstripe silverstripe/framework through 4.10 allows Session Fixation.
References
https://docs.silverstripe.org/en/4/changelogs/4.10.1/
https://forum.silverstripe.org/c/releases
https://www.silverstripe.org/blog/tag/release
https://www.silverstripe.org/download/security-releases/
https://www.silverstripe.org/download/security-releases/cve-2022-24444
Affected packages
Git
/
github.com/silverstripe/silverstripe-cms
Affected ranges
Type
GIT
Repo
https://github.com/silverstripe/silverstripe-cms
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Last affected
52d891f3d96da825b73d87a11db99f09e0c13a2b
Last affected
aeacbafe16b967d392cd647b3175091c9b2e863c
Type
GIT
Repo
https://github.com/silverstripe/silverstripe-framework
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Last affected
eb11951aceee0546ad387adea0b66d603c08b4a2
Last affected
ef7b2a793fbfd8030101924bb03f811908091192
Affected versions
2.*
2.2.0-rc1
2.2.2-rc1
2.3.0-rc1
2.4.0
2.4.0-alpha1
2.4.0-beta1
2.4.0-beta2
2.4.0-rc1
2.4.0-rc2
2.4.0-rc3
2.4.1
2.4.1-rc1
2.4.1-rc2
2.4.10
2.4.11
2.4.12
2.4.13
2.4.2
2.4.2-rc1
2.4.2-rc2
2.4.3
2.4.3-rc1
2.4.3-rc2
2.4.4
2.4.4-rc1
2.4.4-rc2
2.4.5
2.4.5-rc1
2.4.6
2.4.7
2.4.8
2.4.8-rc1
2.4.9
2.5.0
CVE-2022-24444 - OSV