RSS   Vulnerabilities for 'Janrain capture'   RSS

2012-06-26
 
CVE-2012-3798

CWE-200
 

 
The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.

 
 
CVE-2012-2727

CWE-20
 

 
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.

 


Copyright 2019, cxsecurity.com

 

Back to Top