Vulnerabilities (CVE)

Filtered by vendor Bryce Hamrick Subscribe
Filtered by product Janrain Capture
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-3798 2 Bryce Hamrick, Drupal 2 Janrain Capture, Drupal 2024-02-04 5.0 MEDIUM N/A
The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.
CVE-2012-2727 2 Bryce Hamrick, Drupal 2 Janrain Capture, Drupal 2024-02-04 5.8 MEDIUM N/A
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.