Description
The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, violates the OpenID 2.0 protocol by not verifying the openid.return_to value, which allows remote attackers to bypass authentication by leveraging an assertion from an OpenID provider.
References (6)
Core 6
Core References
Patch, Vendor Advisory x_refsource_confirm
http://drupal.org/node/880480
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2010/dsa-2113
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=128440896914512&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/42388
Patch, Vendor Advisory x_refsource_confirm
http://drupal.org/node/880476
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=oss-security&m=128418560705305&w=2
Scores
EPSS
0.0070
EPSS Percentile
72.3%
Details
CWE
CWE-287
Status
published
Products (23)
drupal/drupal
6.0 (10 CPE variants)
drupal/drupal
6.1
drupal/drupal
6.2
drupal/drupal
6.3
drupal/drupal
6.4
drupal/drupal
6.5
drupal/drupal
6.6
drupal/drupal
6.7
drupal/drupal
6.8
drupal/drupal
6.9
... and 13 more
Published
Sep 29, 2010
Tracked Since
Feb 18, 2026