Security News > 2015 > June > Drupal Fixes Critical OpenID Bug (Threatpost)

Drupal has patched several vulnerabilities in versions 6 and 7 of the content-management system, including a critical bug that enables an attacker to hijack administrators’ accounts and take arbitrary actions on target sites. That vulnerability lies in the OpenID module in Drupal that enables users to authenticate themselves using the OpenID protocol. The protocol is based […]

News URL

http://threatpost.com/drupal-fixes-critical-openid-bug/113379