JOIDS (Java OpenID Server) multiple vulnerabilities

Hi, This is a public disclosure with disarmed Proof of Concept of unpatched vulnerabilities in JOIDS Java OpenID Server. "JOIDS Java OpenID Server is a multi-domain, multi-user OpenID Provider based on OpenID4Java, Spring Framework, Hibernate, Velocity" https://code.google.com/p/openid-server/...

Java OpenID Server 1.2.1 XSS / Session Fixation

Hi, This is a public disclosure with disarmed Proof of Concept of unpatched vulnerabilities in JOIDS Java OpenID Server. "JOIDS Java OpenID Server is a multi-domain, multi-user OpenID Provider based on OpenID4Java, Spring Framework, Hibernate, Velocity" https://code.google.com/p/openid-server/...