0.001 Low
EPSS
Percentile
35.8%
It was found that mod_auth_mellon was vulnerable to a cross-site session transfer attack. An attacker with access to one web site on a server could use the same session to get access to a different site running on the same server.
bugzilla.redhat.com/show_bug.cgi?id=1431670