Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-3657 | 2 Drupal, Tim Nelson | 2 Drupal, Shared Sign-on | 2024-11-21 | 5.8 MEDIUM | N/A |
Session fixation vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack web sessions via unspecified vectors. | |||||
CVE-2009-3656 | 2 Drupal, Tim Nelson | 2 Drupal, Shared Sign-on | 2024-11-21 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack the authentication of arbitrary users via unknown vectors. |