CVE-2015-3234: Input Validation

First published: Mon Jun 22 2015(Updated: )

The OpenID module in Drupal 6.x before 6.36 and 7.x before 7.38 allows remote attackers to log into other users' accounts by leveraging an OpenID identity from certain providers, as demonstrated by the Verisign, LiveJournal, and StackExchange providers.

Credit: secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/severity
• agent/references
• agent/weakness
• agent/author
• agent/description
• agent/tags
• agent/type
• agent/event
• agent/remedy
• agent/softwarecombine
• agent/first-publish-date
• agent/last-modified-date
• collector/mitre-cve
• source/MITRE
• vendor/drupal
• canonical/drupal drupal
• version/drupal drupal/6.0
• version/drupal drupal/6.0-beta1
• version/drupal drupal/6.0-beta2
• version/drupal drupal/6.0-beta3
• version/drupal drupal/6.0-beta4
• version/drupal drupal/6.0-dev
• version/drupal drupal/6.0-rc1
• version/drupal drupal/6.0-rc2
• version/drupal drupal/6.0-rc3
• version/drupal drupal/6.0-rc4
• version/drupal drupal/6.1
• version/drupal drupal/6.2
• version/drupal drupal/6.3
• version/drupal drupal/6.4
• version/drupal drupal/6.5
• version/drupal drupal/6.6
• version/drupal drupal/6.7
• version/drupal drupal/6.8
• version/drupal drupal/6.9
• version/drupal drupal/6.10
• version/drupal drupal/6.11
• version/drupal drupal/6.12
• version/drupal drupal/6.13
• version/drupal drupal/6.14
• version/drupal drupal/6.15
• version/drupal drupal/6.16
• version/drupal drupal/6.17
• version/drupal drupal/6.18
• version/drupal drupal/6.19
• version/drupal drupal/6.20
• version/drupal drupal/6.21
• version/drupal drupal/6.22
• version/drupal drupal/6.23
• version/drupal drupal/6.24
• version/drupal drupal/6.25
• version/drupal drupal/6.26
• version/drupal drupal/6.27
• version/drupal drupal/6.28
• version/drupal drupal/6.29
• version/drupal drupal/6.30
• version/drupal drupal/6.31
• version/drupal drupal/6.32
• version/drupal drupal/6.33
• version/drupal drupal/6.34
• version/drupal drupal/6.35
• version/drupal drupal/7.0
• version/drupal drupal/7.0-alpha1
• version/drupal drupal/7.0-alpha2
• version/drupal drupal/7.0-alpha3
• version/drupal drupal/7.0-alpha4
• version/drupal drupal/7.0-alpha5
• version/drupal drupal/7.0-alpha6
• version/drupal drupal/7.0-alpha7
• version/drupal drupal/7.0-beta1
• version/drupal drupal/7.0-beta2
• version/drupal drupal/7.0-beta3
• version/drupal drupal/7.0-dev
• version/drupal drupal/7.0-rc1
• version/drupal drupal/7.0-rc2
• version/drupal drupal/7.0-rc3
• version/drupal drupal/7.0-rc4
• version/drupal drupal/7.1
• version/drupal drupal/7.2
• version/drupal drupal/7.3
• version/drupal drupal/7.4
• version/drupal drupal/7.5
• version/drupal drupal/7.6
• version/drupal drupal/7.7
• version/drupal drupal/7.8
• version/drupal drupal/7.9
• version/drupal drupal/7.10
• version/drupal drupal/7.11
• version/drupal drupal/7.12
• version/drupal drupal/7.13
• version/drupal drupal/7.14
• version/drupal drupal/7.15
• version/drupal drupal/7.16
• version/drupal drupal/7.17
• version/drupal drupal/7.18
• version/drupal drupal/7.19
• version/drupal drupal/7.20
• version/drupal drupal/7.21
• version/drupal drupal/7.22
• version/drupal drupal/7.23
• version/drupal drupal/7.24
• version/drupal drupal/7.25
• version/drupal drupal/7.26
• version/drupal drupal/7.27
• version/drupal drupal/7.28
• version/drupal drupal/7.29
• version/drupal drupal/7.30
• version/drupal drupal/7.33
• version/drupal drupal/7.34
• version/drupal drupal/7.35
• version/drupal drupal/7.36
• version/drupal drupal/7.37
• vendor/debian
• canonical/debian debian linux
• version/debian debian linux/7.0
• version/debian debian linux/8.0