Description

The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows remote OpenID users to authenticate as other users via unspecified vectors.

Remediation

References

CVE-2014-1475

Related Vulnerabilities

SugarCRM Other Vulnerability (CVE-2005-0266)

Oracle HTTP Server Improper Certificate Validation Vulnerability (CVE-2020-26184)

WordPress Plugin WP Post to PDF Enhanced Cross-Site Scripting (1.0.5)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-0273)

Lighttpd Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-2324)

Severity

High

Classification

CVE-2014-1475

Tags

Missing Update Known Vulnerabilities