Critical severity9.8NVD Advisory· Published Jun 17, 2018· Updated Jun 17, 2026
CVE-2018-12071
CVE-2018-12071
Description
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
codeigniter/frameworkPackagist | < 3.1.10 | 3.1.10 |
Affected products
1Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-g434-3q2j-hj4rghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-12071ghsaADVISORY
- www.codeigniter.com/user_guide/changelog.htmlnvdRelease NotesVendor AdvisoryWEB
- github.com/bcit-ci/CodeIgniter/commit/800a20d6c4662d99ae0988b2f8f2238bb8bb29dbnvdWEB
- github.com/bcit-ci/CodeIgniter/commit/a9da3dd2f16a8f97d7bc4ff5572b28e4bb84c813ghsaWEB
- github.com/bcit-ci/CodeIgniter/issues/5958ghsaWEB
- web.archive.org/web/20181115214804/https://www.codeigniter.com/user_guide/changelog.htmlghsaWEB
News mentions
0No linked articles in our index yet.