CVE-2016-2049
The CVE-2016-2049 entry describes a vulnerability in the JanRain PHP OpenID library (php-openid), where examples/consumer/common.php improperly compares the openid.realm parameter to the SERVER_NAME value from the SERVER superglobal. This mismatch can allow remote attackers to hijack user authent...