Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to hijack the authentication of arbitrary users for requests that login a user to another web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
browserid project browserid 7.x-1.1 |
||
browserid project browserid 7.x-1.2 |