CVE-2007-1651

EPSS 0.96%
Published 24.03.2007 00:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Openid ≫ Openid

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.96%	0.755

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://janrain.com/blog/2007/03/22/myopenid-security-fix/

http://openid.net/pipermail/security/2007-March/000286.html

http://openid.net/pipermail/security/2007-March/000288.html

http://openid.net/pipermail/security/2007-March/000291.html

http://openid.net/pipermail/security/2007-March/000306.html

http://openid.net/pipermail/security/2007-March/000311.html

http://osvdb.org/43600

https://nvd.nist.gov/vuln/detail/CVE-2007-1651

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1651

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1651

EUVD