Shared Sign On

shared_sign-on

Vendor: Tim Nelson • 2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2009-3657 1Tim Nelson 1Shared Sign On Apr 23, 2026 Oct 9, 2009 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Session fixation vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2009-3656 1Tim Nelson 1Shared Sign On Apr 23, 2026 Oct 9, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack the authentication of arbitrary users via unknown vectors.