CVE-2006-1228

Опубликовано: 14 мар. 2006

Источник: ubuntu

Приоритет: untriaged

CVSS2: 5.1

Описание

Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to gain privileges by tricking a user to click on a URL that fixes the session identifier.

Релиз	Статус	Примечание
dapper	released	4.5.8-1
devel	DNE
edgy	released	4.5.8-1
feisty	ignored	end of life, was needed
gutsy	DNE
hardy	DNE
upstream	needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2006-1228

5.1 Medium

CVSS2

Связанные уязвимости

CVE-2006-1228

nvd

больше 19 лет назад

Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to gain privileges by tricking a user to click on a URL that fixes the session identifier.

CVE-2006-1228

debian

больше 19 лет назад

Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x ...

GHSA-7ff4-pff4-jj4c

github

около 3 лет назад

Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to gain privileges by tricking a user to click on a URL that fixes the session identifier.

5.1 Medium

CVSS2

CVE-2006-1228

Описание

Пакет drupal

Ссылки на источники

Связанные уязвимости