CVE-2008-6836

2022-10-0316:13:49

mitre

www.cve.org

cve-2008-6836

cross-site request forgery

openid module

drupal

authentication hijack

openid identities

remote attackers

7.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.4%

JSON

Cross-site request forgery (CSRF) vulnerability in OpenID 5.x before 5x.-1.2, a module for Drupal, allows remote attackers to hijack the authentication of unspecified victims to delete OpenID identities via unknown vectors.

References

drupal.org/node/280592

drupal.org/node/280593

osvdb.org/46939

secunia.com/advisories/31027

www.securityfocus.com/bid/30165