Bryce Hamrick: >> Janrain Capture Security Vulnerabilities
The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.
CVSS Score
5.0
EPSS Score
0.004
Published
2012-06-27
Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
CVSS Score
5.8
EPSS Score
0.009
Published
2012-06-27