CVE-2015-6926 2018-01-19T10:29:00.280-05:00 2018-02-06T13:29:22.697-05:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2018-02-06T10:35:42.593-05:00 CONFIRM https://bugs.oxid-esales.com/view.php?id=6224 CONFIRM https://oxidforge.org/en/oxid-security-bulletin-2015-001.html The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote attackers to impersonate users via the email address in a crafted authentication token.