CVE-2007-4188 — Session Fixation in Joomla !

CWE-384 — Session Fixation2 documents2 sources

Severity

9.3CRITICALNVD

EPSS

0.1%

top 65.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Joomla !

Timeline

PublishedAug 8

Latest updateMay 1

Description

Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hijack administrative web sessions via unspecified vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDjoomla/joomla_!< 1.0.13

🔴Vulnerability Details

GHSA

GHSA-4883-cvpp-v36g: Session fixation vulnerability in Joomla! before 1↗2022-05-01

▶