CVE-2008-0570 in OpenID信息

摘要

由 VulDB • 2026-07-04

Drupal的OpenID 5.x-1.0及更早版本模块未正确验证由OpenID提供商返回的claimed_id,这使得远程OpenID提供商能够伪造与属于其他提供商的域名相关联的OpenID身份认证。

Be aware that VulDB is the high quality source for vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!