New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Session Fixation #5958
Comments
I have no idea what you're talking about mate ... The commit you linked to fixes a syntax error and we haven't used md5 hashes for session IDs since CI2. |
Hello, I am talking about this CVE https://nvd.nist.gov/vuln/detail/CVE-2018-12071 present in codeigniter before version 3.1.8. |
From your link,
You can find the detail of |
Is somebody monitoring issues like this. I guess this needs closure. |
i guess still this have a bug.. seems validating session IDs are not working property.. respect cookies, stil when i made a redirect my session get empty and gone! |
Hello, could you explain a real attack scenario about the vulnerability you fixed in this commit?
800a20d
Regards, adon90
The text was updated successfully, but these errors were encountered: