Описание
Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.
Ссылки
- PatchVendor Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchVendor Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.0 (включая) до 6.3 (исключая)
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00422
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
ubuntu
почти 17 лет назад
Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.
debian
почти 17 лет назад
Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6 ...
github
около 3 лет назад
Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.
EPSS
Процентиль: 61%
0.00422
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-352