Description

The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not verifying the openid.return_to value, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.

Remediation

References

CVE-2010-3091

Related Vulnerabilities

WordPress Plugin Product Filter for WooCommerce Security Bypass (8.1.1)

Perl Out-of-bounds Write Vulnerability (CVE-2018-18311)

WordPress Plugin Translate WordPress-Google Language Translator Cross-Site Scripting (4.0.9)

PHP NULL Pointer Dereference Vulnerability (CVE-2016-7131)

Dolphin Other Vulnerability (CVE-2006-4189)

Severity

Medium

Classification

CVE-2010-3091 CWE-287

Tags

Missing Update Known Vulnerabilities