{"id":"CVE-2022-24444","details":"Silverstripe silverstripe/framework through 4.10 allows Session Fixation.","aliases":["BIT-silverstripe-2022-24444","GHSA-c7q8-m4xw-c674"],"modified":"2026-04-12T04:41:20.021322Z","published":"2022-06-28T22:15:07.913Z","references":[{"type":"ADVISORY","url":"https://docs.silverstripe.org/en/4/changelogs/4.10.1/"},{"type":"ADVISORY","url":"https://forum.silverstripe.org/c/releases"},{"type":"ADVISORY","url":"https://www.silverstripe.org/blog/tag/release"},{"type":"ADVISORY","url":"https://www.silverstripe.org/download/security-releases/"},{"type":"ADVISORY","url":"https://www.silverstripe.org/download/security-releases/cve-2022-24444"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/silverstripe/silverstripe-cms","events":[{"introduced":"0"},{"last_affected":"aeacbafe16b967d392cd647b3175091c9b2e863c"},{"last_affected":"52d891f3d96da825b73d87a11db99f09e0c13a2b"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"2.4.0"},{"last_affected":"2.5.0"}],"cpe":["cpe:2.3:a:silverstripe:silverstripe:*:*:*:*:*:*:*:*","cpe:2.3:a:silverstripe:silverstripe:2.5.0:*:*:*:*:*:*:*"]}}],"versions":["2.2.0-rc1","2.2.2-rc1","2.3.0-rc1","2.4.0","2.4.0-alpha1","2.4.0-beta1","2.4.0-beta2","2.4.0-rc1","2.4.0-rc2","2.4.0-rc3","2.4.1","2.4.1-rc1","2.4.1-rc2","2.4.2","2.4.2-rc1","2.4.2-rc2","2.4.3","2.4.3-rc1","2.4.3-rc2","2.4.4","2.4.4-rc1","2.4.4-rc2","2.4.5","2.4.5-rc1","2.5.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-24444.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}