Vulnerabilities (CVE)

Filtered by vendor Drupal Subscribe
Filtered by product Openid
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0570 1 Drupal 1 Openid 2024-02-04 5.0 MEDIUM N/A
The OpenID 5.x-1.0 and earlier module for Drupal does not properly verify the claimed_id returned by an OpenID provider, which allows remote OpenID providers to spoof OpenID authentication for domains associated with other providers.