VYPR

Maven package

com.enonic.xp/lib-auth

pkg:maven/com.enonic.xp/lib-auth

Vulnerabilities (1)

  • CVE-2024-23679CriJan 19, 2024
    affected < 7.7.4fixed 7.7.4

    Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes.