The BrowserID (Mozilla Persona) module 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to hijack the authentication of arbitrary users via the audience identifier.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
browserid project browserid 7.x-1.0 |
||
browserid project browserid 7.x-1.1 |
||
browserid project browserid 7.x-1.2 |