Vulnerabilities (CVE)

Filtered by vendor Niif Subscribe
Filtered by product Shib Auth
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-4527 2 Drupal, Niif 2 Drupal, Shib Auth 2024-11-21 4.6 MEDIUM N/A
The Shibboleth authentication module 5.x before 5.x-3.4 and 6.x before 6.x-3.2, a module for Drupal, does not properly remove statically granted privileges after a logout or other session change, which allows physically proximate attackers to gain privileges by using an unattended web browser.