You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Resolved security issue (defect #9 - identified by alanabarrett0).
Expanded the use of the salted hash to ensure that an attacker cannot change the uid of the authenticated Drupal user by manipulating the value of a cookie.
Modified files:
drupal_module/drupalauth4ssp/drupalauth4ssp.module - concatenate uid with salt before hashing
lib/Auth/Source/External.php - concatenate uid with salt before hashing and minor adjustments