CVE-2007-5594

Опубликовано: 19 окт. 2007

Источник: debian

Описание

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
drupal5	fixed	5.3-1		package
drupal	fixed	4.7.8-1		package

Связанные уязвимости

CVE-2007-5594

ubuntu

больше 17 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

CVE-2007-5594

nvd

больше 17 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

GHSA-f8mj-2m92-pmqv

github

около 3 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.