GHSA-r9vc-jfmh-6j48: 
PHP vulnerability analysis and mitigation

TYPO3 CMS versions 6.2.0 to 6.2.13 and 7.0.0 to 7.3.0 were discovered to be vulnerable to session fixation in the frontend login component. The vulnerability was disclosed on July 1, 2015, and was assigned the identifier TYPO3-CORE-SA-2015-003. This security issue affects the authentication mechanism of TYPO3's frontend user login system (TYPO3 Advisory).

The vulnerability occurs when a user authenticates while anonymous session data is present, where the session ID is not regenerated during the authentication process. The issue has been assigned a CVSS v3.1 base score of 7.1 (High severity) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N. The vulnerability is classified as CWE-384 (Session Fixation) (GitHub Advisory).

The vulnerability allows attackers to potentially gain access to authenticated sessions by generating a valid session ID and tricking users into using this session ID. This could be achieved by leveraging other vulnerabilities such as Cross-Site Scripting. The impact primarily affects the confidentiality and integrity of user sessions (TYPO3 Advisory).

The vulnerability was patched in TYPO3 versions 6.2.14 and 7.3.1. The fix involves regenerating the session ID when a user is authenticated but no new session ID was generated during the process. The patch implements proper session ID regeneration in both the AbstractUserAuthentication and FrontendUserAuthentication classes (TYPO3 Commit).