CVE-2024-23679

Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes.

Published Jan 26, 2026

https://github.com/advisories/GHSA-4hrp-m3f2-643j https://github.com/advisories/GHSA-4m5p-5w5w-3jcf

CVSS ScoreCritical

9.8

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2024-23679

Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes.

Published Jan 26, 2026

https://github.com/advisories/GHSA-4hrp-m3f2-643j https://github.com/advisories/GHSA-4m5p-5w5w-3jcf

CVSS ScoreCritical

9.8

No packages found

Try adjusting your search terms.

Ecosystem	Package	Version

No packages found

Try adjusting your search terms.

Find vulnerabilities. Fix fast with AI.

CVE-2024-23679

CVE-2024-23679

No packages found

No packages found