Vulnerabilities for Openid (...) - CXSECURITY.COM

Vulnerabilities for 'Openid'

2008-02-04

CVE-2008-0570

CWE-20

The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by an OpenID provider, which allows remote OpenID providers to spoof OpenID authentication for domains associated with other providers.

>>> Vendor: Drupal 148 Products

Form mail module

Bibliography module

Drupal easylinks module

Drupal e-commerce module

Drupal pathauto module

Drupal pubcookie module

Drupal userreview module

Search keyword module

Site profile directory module

Extended tracker

Cvs management and tracker

Chatroom module

Help tip module

Drupal project issue tracking

Project issue tracking module

Secure site module

Mediafield module

Database administration module

Logintoboggan module

Content construction kit

Asin field module

E-commerce module

Fullname field for cck

Node relativity module

Pathauto module

Paypal node module

Ubercart module

Meta tags module

Fileshare module

Comment upload module

Userpoints module

Internationalization

Site documentation module

Node hierarchy module

Magic tabs module

Taxonomy image module

Trailscout module

Aggregation module

Taxonomy autotagger module

Organic groups module

Outline designer module

Tinytax taxonomy block module

Suggested terms module

Brilliant gallery

Shindig-integrator

Semantically interconnected online communities

Localization client

Localization server

User karma module

Views bulk operations

Protected node module

Taxonomy theme module

See all Products for Vendor Drupal

Copyright 2024, cxsecurity.com