| Vulnerability ID | VCID-fkq5-7t4p-jbdk |
| Aliases | GHSA-6mjq-9x4w-m3w9 |
| Summary | FOSUserBundle Session Hijacking Vulnerability. Versions of FOSUserBundle from 1.2.x to 1.2.4 have been found to contain a security vulnerability related to session hijacking. This issue has been addressed in version 1.2.4, and users are strongly advised to upgrade to the latest version to prevent potential session-related security risks. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 8.0 |
| Risk | 4.0 |
| Affected and Fixed Packages | Package Details |

| System | Score | Found at |
|---|---|---|
| cvssv3.1_qr | HIGH | https://github.com/advisories/GHSA-6mjq-9x4w-m3w9 |
| generic_textual | HIGH | https://github.com/FriendsOfPHP/security-advisories/blob/master/friendsofsymfony/user-bundle/2012-07-10-2.yaml |
| generic_textual | HIGH | https://github.com/FriendsOfSymfony/FOSUserBundle |
| generic_textual | HIGH | https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Changelog.md |
| generic_textual | HIGH | https://github.com/FriendsOfSymfony/FOSUserBundle/commit/8e412a70cafd924ad04c7325dae423048861b955 |

No EPSS data available for this vulnerability.

| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-06-04T16:21:41.871122+00:00 | GitLab Importer | Import | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/friendsofsymfony/user-bundle/GHSA-6mjq-9x4w-m3w9.yml | 38.6.0 |