Описание
Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:drupal:drupal:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.4:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.5:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.6:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.7:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.8:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.9:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.7.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.7.3:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.012
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
больше 19 лет назад
Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.
debian
больше 19 лет назад
Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before ...
github
почти 4 года назад
Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.
EPSS
Процентиль: 79%
0.012
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other