An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1tNTN2LTV4NXgtNW0ycM4AAv4I

Moderate EPSS: 0.00353% (0.56919 Percentile) EPSS:

Concrete CMS vulnerable to Session Fixation

Affected Packages Affected Versions Fixed Versions
packagist:concrete5/concrete5 >= 9.0.0, < 9.1.3, < 8.5.10 9.1.3, 8.5.10
4 Dependent packages
7 Dependent repositories
2,293 Downloads total

Affected Version Ranges

All affected versions

8.0.1, 8.0.2, 8.0.3, 8.1.0, 8.2.0, 8.2.1, 8.3.0, 8.3.1, 8.3.2, 8.4.0, 8.4.1, 8.4.2, 8.4.3, 8.4.4, 8.4.5, 8.5.0, 8.5.1, 8.5.2, 8.5.3, 8.5.4, 8.5.5, 8.5.6, 8.5.7, 8.5.8, 8.5.9, 9.0.0, 9.0.1, 9.0.2, 9.1.0, 9.1.1, 9.1.2

All unaffected versions

8.5.10, 8.5.11, 8.5.12, 8.5.13, 8.5.14, 8.5.15, 8.5.16, 8.5.17, 8.5.18, 8.5.19, 8.5.20, 8.5.21, 8.5.99, 9.1.3, 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.6, 9.2.7, 9.2.8, 9.2.9, 9.3.0, 9.3.1, 9.3.2, 9.3.3, 9.3.4, 9.3.5, 9.3.6, 9.3.7, 9.3.8, 9.3.9, 9.4.0, 9.4.1, 9.4.2, 9.4.3