Vulnerability CVE-2016-4309

Vulnerability CVE-2016-4309

Published: 2016-06-30

Description:

	Topic	Author	Date
Med.	Symphony CMS v2.6.7 Session Fixation	hyp3rlinx	20.06.2016

Type:

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.6/10	10/10	4.9/10

Affected software
Symphony-cms -> Symphony cms

http://hyp3rlinx.altervista.org/advisories/SYMPHONY-CMS-SESSION-FIXATION.txt

http://packetstormsecurity.com/files/137551/Symphony-CMS-2.6.7-Session-Fixation.html

http://www.securityfocus.com/archive/1/538714/100/0/threaded

http://www.securityfocus.com/bid/91299

https://github.com/symphonycms/symphony-2/commit/b329a14adc40868965076a77210452e396243dcd

https://www.exploit-db.com/exploits/39983/