The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote attackers to impersonate users via the email address in a crafted authentication token.
{ "nvd_published_at": "2018-01-19T15:29:00Z", "cwe_ids": [ "CWE-287" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-07-31T23:46:20Z" }