Back to search
CVE-2007-1652
Published: Mar 24, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
OpenID allows remote attackers to forcibly log a user into an OpenID enabled site, divulge the user's personal information to this site, and add it site to the trusted sites list via a crafted web page, related to cached tokens.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[security] 20070321 MyOpenID
mailing-list
x_refsource_MLIST
[security] 20070321 MyOpenID
mailing-list
x_refsource_MLIST
[security] 20070321 MyOpenID
mailing-list
x_refsource_MLIST
[security] 20070322 MyOpenID
mailing-list
x_refsource_MLIST
http://janrain.com/blog/2007/03/22/myopenid-security-fix/
x_refsource_MISC
43601
vdb-entry
x_refsource_OSVDB
[security] 20070321 MyOpenID
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now