Browserid Project

browserid_project

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Browserid

browserid

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-2714 1Browserid Project 1Browserid Nov 21, 2024 Jan 9, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier.
CVE-2012-2713 1Browserid Project 1Browserid Apr 29, 2026 Jun 27, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that login...Show more Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that login a user to another web site.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2012-2714

1Browserid Project

1Browserid

Nov 21, 2024

Jan 9, 2020

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier.

CVE-2012-2713

1Browserid Project

1Browserid

Apr 29, 2026

Jun 27, 2012

N/A· v4

N/A· v3

6.8 MEDIUM· v2

Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that login...Show more