Lucene search
Veracode Vulnerability DatabaseVERACODE:6793HistoryJun 14, 2018 - 3:39 a.m.
Cross-Site Request Forgery (CSRF) Token Fixation
2018-06-1403:39:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
EPSS
0.003
Percentile
68.7%
symfony/symfony is vulnerable to cross-site request forgery (CSRF) token fixation attacks. The vulnerability exists due to the lack of invalidation of CSRF tokens when a user logs out.
Related
prion
prion
Cross site request forgery (csrf)
2018-06-13 16:29:00
symfony
symfony
CVE-2018-11406: CSRF Token Fixation
2018-05-25 00:00:00
nvd
nvd
CVE-2018-11406
2018-06-13 16:29:00
cve
cve
CVE-2018-11406
2018-06-13 16:29:00
cvelist
cvelist
CVE-2018-11406
2018-06-13 16:00:00
osv
osv
Symfony CSRF Token Fixation
2022-05-14 01:14:35
CVE-2018-11406
2018-06-13 16:29:00
symfony - security update
2018-08-03 00:00:00
debiancve
debiancve
CVE-2018-11406
2018-06-13 16:29:00
friendsofphp
friendsofphp
CVE-2018-11406: CSRF Token Fixation
2018-05-25 11:46:22
CVE-2018-11406: CSRF Token Fixation
2018-05-25 11:46:22
CVE-2018-11406: CSRF Token Fixation
2018-05-25 11:46:22
github
github
Symfony CSRF Token Fixation
2022-05-14 01:14:35
ubuntucve
ubuntucve
CVE-2018-11406
2018-06-13 00:00:00
nessus
nessus
Fedora 28 : php-symfony4 (2018-96d770ddc9)
2019-01-03 00:00:00
Fedora 28 : php-symfony (2018-eba0006df2)
2019-01-03 00:00:00
Fedora 28 : php-symfony3 (2018-ba0b683c10)
2019-01-03 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: php-symfony-2.8.41-1.fc28
2018-06-06 13:33:22
[SECURITY] Fedora 28 Update: php-symfony4-4.0.11-1.fc28
2018-06-06 13:33:23
[SECURITY] Fedora 28 Update: php-symfony3-3.4.11-1.fc28
2018-06-05 13:45:03
openvas
openvas
debian
debian
[SECURITY] [DSA 4262-1] symfony security update
2018-08-03 16:32:58