Vulnerabilities > TIM Nelson
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-10-09 | CVE-2009-3657 | Improper Authentication vulnerability in TIM Nelson Shared Sign-On 5.X/6.X Session fixation vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack web sessions via unspecified vectors. | 5.8 |
| 2009-10-09 | CVE-2009-3656 | Cross-Site Request Forgery (CSRF) vulnerability in TIM Nelson Shared Sign-On 5.X/6.X Cross-site request forgery (CSRF) vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack the authentication of arbitrary users via unknown vectors. | 6.8 |