CVE-2024-23679

Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt