Back to search
CVE-2007-1651
Published: Mar 24, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[security] 20070321 MyOpenID
mailing-list
x_refsource_MLIST
[security] 20070321 MyOpenID
mailing-list
x_refsource_MLIST
[security] 20070321 MyOpenID
mailing-list
x_refsource_MLIST
[security] 20070322 MyOpenID
mailing-list
x_refsource_MLIST
http://janrain.com/blog/2007/03/22/myopenid-security-fix/
x_refsource_MISC
43600
vdb-entry
x_refsource_OSVDB
[security] 20070321 MyOpenID
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now