← Back to CVE List
CVE-2018-6009
Published:
2018-01-22T22:29Z
Last Modified:
2024-11-21T04:09Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
In Yii Framework 2.x before 2.0.14, the switchIdentity function in web/User.php did not regenerate the CSRF token upon a change of identity. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt