Описание
Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissions to be redirected, which allows remote attackers to obtain arbitrary form information via a crafted URL.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:drupal:drupal:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.4:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.5:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.6:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.7:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.8:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.6.9:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.7.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:4.7.3:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00658
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
больше 18 лет назад
Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissions to be redirected, which allows remote attackers to obtain arbitrary form information via a crafted URL.
debian
больше 18 лет назад
Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissi ...
github
около 3 лет назад
Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissions to be redirected, which allows remote attackers to obtain arbitrary form information via a crafted URL.
EPSS
Процентиль: 70%
0.00658
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other