Session Fixation in CodeIgniter

 

 

Session Fixation in CodeIgniter - CVE-2018-12071

Overview

A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.

Severity

High 9.8

Remediation

Update to "codeigniter/framework": "3.1.9"

Reference

https://github.com/bcit-ci/CodeIgniter/commit/b3f7aae1079e8e484437bc67f4c126f34e7903d8

Ready to be protected?

14 days trial , No credit card upfront , Risk free