Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-5594

Опубликовано: 19 окт. 2007
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
Версия от 5.0 (включая) до 5.3 (исключая)
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*

EPSS

Процентиль: 59%
0.00391
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

ubuntu
почти 18 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

debian
почти 18 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection a ...

github
больше 3 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

EPSS

Процентиль: 59%
0.00391
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-352