Vulnerabilities > Browserid Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-09 | CVE-2012-2714 | Improper Authentication vulnerability in Browserid Project Browserid 7.X1.0/7.X1.1/7.X1.2 The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier. | 7.5 |
2012-06-27 | CVE-2012-2713 | Cross-Site Request Forgery (CSRF) vulnerability in Browserid Project Browserid 7.X1.1/7.X1.2 Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that login a user to another web site. | 6.8 |