高木浩光

**Name of the Vulnerable Software and Affected Versions** OpenPNE versions 1.6 through 1.8 OpenPNE versions 2.0 through 2.8 OpenPNE versions 2.10 through 2.14 OpenPNE versions 3.0 through 3.4 **Description** The issue allows remote attackers to bypass the simple login functionality via unknown vectors related to spoofing when mobile device support is enabled. **Recommendations** For OpenPNE versions 1.6 through 1.8, consider disabling mobile device support until a fix is available. For OpenPNE versions 2.0 through 2.8, consider disabling mobile device support until a fix is available. For OpenPNE versions 2.10 through 2.14, consider disabling mobile device support until a fix is available. For OpenPNE versions 3.0 through 3.4, consider disabling mobile device support until a fix is available.