CVE-2022-24444

MEDIUM

Silverstripe framework <4.10 - Info Disclosure

Title source: llm

Silverstripe silverstripe/framework through 4.10 allows Session Fixation.

CVSS v3 6.5

EPSS 0.0027

EPSS Percentile 50.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-384

Status published

Products (3)

silverstripe/hybridsessions 1.0.0 - 2.4.1Packagist

silverstripe/silverstripe 2.5.0

silverstripe/silverstripe < 2.4.0

Published Jun 28, 2022

Tracked Since Feb 18, 2026