CVE-2008-0570

The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by an OpenID provider, which allows remote OpenID providers to spoof OpenID authentication for domains associated with other providers.
Configurations

Configuration 1

cpe:2.3:a:drupal:openid:5:*:*:*:*:*:*:*

Information

Published : 2008-02-05 02:00

Updated : 2011-03-08 03:04


NVD link : CVE-2008-0570

Mitre link : CVE-2008-0570

Products Affected
No products.
CWE