Security Advisory

CVE-2020-10714

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-23 12:28:17
Last updated 2024-08-04 11:14:14
Assigner redhat
State PUBLISHED

Description

A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.