Vulnerabilities (CVE)

Filtered by vendor Tim Nelson Subscribe
Filtered by product Shared Sign-on
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3657 2 Drupal, Tim Nelson 2 Drupal, Shared Sign-on 2024-11-21 5.8 MEDIUM N/A
Session fixation vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2009-3656 2 Drupal, Tim Nelson 2 Drupal, Shared Sign-on 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack the authentication of arbitrary users via unknown vectors.