enonic/xp

Releases392

Frequency1 week 3 days

Last Release 12 days ago

Stars208

Enonic XP

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-23679 ↗	Jan 19, 2024Friday, 19 January 2024, 21:15	9.8 CRITICAL	—
Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes.