Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to hijack the authentication of arbitrary users for requests that login a user to another web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
browserid_project browserid 7.x-1.1 |
||
browserid_project browserid 7.x-1.2 |