The Token Authentication (tokenauth) module 6.x-1.x before 6.x-1.7 for Drupal does not properly revert user sessions, which might allow remote attackers to perform requests with extra privileges.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tokenauth | Adam_ross | 6.x-1.0 | 6.x-1.0 |
Tokenauth | Adam_ross | 6.x-1.1 | 6.x-1.1 |
Tokenauth | Adam_ross | 6.x-1.3 | 6.x-1.3 |
Tokenauth | Adam_ross | 6.x-1.4 | 6.x-1.4 |
Tokenauth | Adam_ross | 6.x-1.5 | 6.x-1.5 |
Tokenauth | Adam_ross | 6.x-1.6 | 6.x-1.6 |
Tokenauth | Adam_ross | 6.x-1.x | 6.x-1.x |