{"id":62891,"date":"2021-08-02T09:00:02","date_gmt":"2021-08-02T09:00:02","guid":{"rendered":"https:\/\/owncloud.com\/?post_type=security_advisories&#038;p=62891"},"modified":"2023-11-29T09:39:58","modified_gmt":"2023-11-29T09:39:58","slug":"cve-2021-35948","status":"publish","type":"security_advisories","link":"https:\/\/owncloud.com\/de\/security-advisories\/cve-2021-35948\/","title":{"rendered":"Session fixation on public links"},"content":{"rendered":"<ul>\n<li>Risk: low<\/li>\n<li>CVSS v3 Base Score: 3.9<\/li>\n<li>CVSS v3 Vector: AV:L\/AC:L\/PR:L\/UI:R\/S:U\/C:L\/I:L\/A:N<\/li>\n<li>CWE ID: CWE-384<\/li>\n<li>CWE Name: Session Fixation<\/li>\n<li>CVE: CVE-2021-35948<\/li>\n<\/ul>\n<h3>Description<\/h3>\n<p>The session cookies were not reset after authenticating for public links.<\/p>\n<h3>Affected<\/h3>\n<ul>\n<li>core &lt; 10.8.0<\/li>\n<\/ul>\n<h3>Action taken<\/h3>\n<p>Regenerate the session cookies after successful authentication<\/p>\n","protected":false},"featured_media":78665,"template":"","class_list":["post-62891","security_advisories","type-security_advisories","status-publish","has-post-thumbnail","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/security_advisories\/62891","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/security_advisories"}],"about":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/types\/security_advisories"}],"version-history":[{"count":1,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/security_advisories\/62891\/revisions"}],"predecessor-version":[{"id":62892,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/security_advisories\/62891\/revisions\/62892"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/media\/78665"}],"wp:attachment":[{"href":"https:\/\/owncloud.com\/de\/wp-json\/wp\/v2\/media?parent=62891"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}