2 matches found
CVE-2009-3657
CVE-2009-3657 describes a session fixation vulnerability in the Drupal-related module “Shared Sign-On” versions 5.x and 6.x. The issue allows remote attackers to hijack user sessions via unspecified vectors, as noted in the NVD entry and related records. The vulnerability is characterized as a se...
CVE-2009-3656
CVE-2009-3656 concerns the Drupal module Shared Sign-On 5.x/6.x . The connected records confirm a CSRF vulnerability that allows remote attackers to hijack the authentication of arbitrary users via unknown vectors. There is no explicit detail on affected versions beyond the 5.x/6.x branches, nor ...