Dries Buytaert Drupal Core OpenID Module Information Disclosure (CVE-2012-4554)
An information disclosure vulnerability has been reported in Dries Buytaert Drupal Core. The vulnerability is due to an input validation error when handling specially crafted OpenID responses. A remote attacker can exploit this issue by sending a specially crafted OpenID response to the target...