Debian Linux Security Advisory 2851-1 - Christian Mainka and Vladislav Mladenov reported a vulnerability in the OpenID module of Drupal, a fully-featured content management framework. A malicious user could exploit this flaw to log in as other users on the site, including administrators, and hijack their accounts.
7ff5149651769ab685a8d22ecf1f421379747a2cb78fb7db2b2e6b44399f57ff