Session Fixation Vulnerability in Symfony's Remember Me Login Feature

Session Fixation Vulnerability in Symfony's Remember Me Login Feature

CVE-2015-8124 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Session fixation vulnerability in the "Remember Me" login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id.

Learn more about our Web App Pen Testing.