* Advisory ID: DRUPAL-SA-CONTRIB-2010-061
* Project: AddonChat (third-party module)
* Version: 6.x-1.x
* Date: 2010-May-26
* Security risk: Highly Critical
* Exploitable from: Remote
* Vulnerability: Multiple (Privilege Escalation, Cross-site scripting)

DESCRIPTION

The AddonChat module provides Drupal integration with the AddonChat Java chat
room.

Due to unsafe handling of the global $user object, failed authentication at
the custom addonchat_auth.php script will log in an attacker as the chosen
user.