Description
The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not verifying the openid.return_to value, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.
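The missing check, written out as an added example (not the Drupal module's code): OpenID 2.0 section 11.1 requires the relying party to confirm that the scheme, authority and path of openid.return_to equal those of the URL that received the assertion, and that every query parameter in return_to reappears in that request with the same value. The function names, rp.example and other.example are assumptions made for the illustration.

```python
from urllib.parse import parse_qsl, quote, urlsplit


def _endpoint(url):
    """(scheme, host, port, path) with the default port made explicit."""
    p = urlsplit(url)
    scheme = p.scheme.lower()
    port = p.port if p.port is not None else {"http": 80, "https": 443}.get(scheme)
    return scheme, (p.hostname or "").lower(), port, p.path or "/"


def return_to_matches(request_url):
    """True only if openid.return_to names the URL that received the assertion.

    Assumes the caller has already verified the assertion signature and that
    openid.return_to is covered by it.
    """
    try:
        received = parse_qsl(urlsplit(request_url).query, keep_blank_values=True)
        claimed = [v for k, v in received if k == "openid.return_to"]
        if len(claimed) != 1:  # missing or duplicated parameter
            return False
        return_to = urlsplit(claimed[0])
        if return_to.scheme.lower() not in ("http", "https"):
            return False
        # Scheme, authority and path must be identical.
        if _endpoint(claimed[0]) != _endpoint(request_url):
            return False
        # Each query parameter of return_to must reappear with the same value.
        wanted = parse_qsl(return_to.query, keep_blank_values=True)
        return all(pair in received for pair in wanted)
    except ValueError:  # malformed URL or port
        return False


def sample_request(endpoint, return_to):
    """Build a constructed indirect-response URL for the demonstration."""
    return f"{endpoint}&openid.mode=id_res&openid.return_to={quote(return_to, safe='')}"


# Constructed sample values; rp.example and other.example are placeholders.
RP = "https://rp.example/openid/authenticate?destination=user"
SAME_SITE = sample_request(RP, RP)
OTHER_SITE = sample_request(RP, "https://other.example/openid/authenticate?destination=user")

if __name__ == "__main__":
    print(return_to_matches(SAME_SITE), return_to_matches(OTHER_SITE))
```

A relying party that skips this comparison accepts an assertion whose return_to names a different site, which is the condition the description refers to.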
Remediation
References
Related Vulnerabilities
e107 Other Vulnerability (CVE-2005-1949)
WordPress Plugin WP Planet Cross-Site Scripting (0.1)
Envoy Proxy CVE-2023-27487 Vulnerability (CVE-2023-27487)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1153)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6106)