Drupalauth Project : Security Vulnerabilities, CVEs,
lib/Auth/Source/External.php in the drupalauth module before 1.2.2 for simpleSAMLphp allows remote attackers to authenticate as an arbitrary user via the user name (uid) in a cookie.
Max CVSS
7.5
EPSS Score
0.72%
Published
2014-05-13
Updated
2014-05-14
1 vulnerabilities found