CVE-2007-5594

Опубликовано: 19 окт. 2007

Источник: debian

EPSS Низкий

Описание

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
drupal5	fixed	5.3-1		package
drupal	fixed	4.7.8-1		package

EPSS

Процентиль: 59%

0.00391

Низкий

Связанные уязвимости

CVE-2007-5594

ubuntu

почти 18 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

CVE-2007-5594

nvd

почти 18 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

GHSA-f8mj-2m92-pmqv

github

больше 3 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

EPSS

Процентиль: 59%

0.00391

Низкий