This module allows users of a remote Services-enabled Drupal site to sign on to a second site with their credentials.
The module does not sanitize information from the request before displaying it, thereby exposing a cross-site scripting vulnerability.
Install the latest version:
- If you use the Services Single Sign-on Client module for Drupal 7.x, upgrade to Services Single Sign-on Client 7.x-1.6
- Scott Allison
- Brandon Stone the module maintainer
- David Rothstein of the Drupal Security Team
- Lee Rowlands of the Drupal Security Team