Session Hijacking Vulnerability in Drupal's Chatroom Module
CVE-2006-6528

Currently unrated

Key Information:

Vendor

Drupal
Status
Chatroom Module
Vendor
CVE Published:
14 December 2006

What is CVE-2006-6528?

The Chatroom Module for Drupal, prior to version 4.7.x-1.0, is compromised by a vulnerability that reveals session IDs of all visitors to participants in chatrooms. This flaw allows malicious actors to initiate session hijacking attacks, enabling them to impersonate legitimate users and gain unauthorized access to their accounts, compromising user data and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2006/4942
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/23343
third-party-advisoryx_refsource_SECUNIA
http://drupal.org/node/102614
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.