cpe:/a:tim_nelson:shared_sign-on:5.x cpe:/a:tim_nelson:shared_sign-on:6.x CVE-2009-3656 2009-10-09T10:30:00.627-04:00 2017-08-16T21:31:13.850-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-10-12T15:00:00.000-04:00 BID 36563 CONFIRM http://drupal.org/node/592488 XF sharedsignon-unspecified-csrf(53559) Cross-site request forgery (CSRF) vulnerability in Shared Sign-On 5.x and 6.x, a module for Drupal, allows remote attackers to hijack the authentication of arbitrary users via unknown vectors.