CVE-2012-2714

The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier.
References
Link Resource
http://www.securityfocus.com/bid/53673 Third Party Advisory VDB Entry
https://drupal.org/node/1596464 Third Party Advisory
http://drupal.org/node/1597414 Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/06/14/3 Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:browserid_project:browserid:7.x-1.0:*:*:*:*:drupal:*:*
cpe:2.3:a:browserid_project:browserid:7.x-1.1:*:*:*:*:drupal:*:*
cpe:2.3:a:browserid_project:browserid:7.x-1.2:*:*:*:*:drupal:*:*

Information

Published : 2020-01-09 12:15

Updated : 2020-01-27 04:48


NVD link : CVE-2012-2714

Mitre link : CVE-2012-2714


JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa

Products Affected

browserid_project

  • browserid