Duplicate Advisory: Session fixation in Enonic XP
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4m5p-5w5w-3jcf. This link is maintained to preserve external references. Original Description Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes.