Symfony 'regenerate()' Method Session Fixation Vulnerability

Symfony is prone to a session-fixation vulnerability.

An attacker can exploit this issue to hijack an arbitrary session and gain unauthorized access to the affected application.

Versions prior to Symfony 1.4.18 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus