CVE-2007-5594

Опубликовано: 19 окт. 2007

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

Описание

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

Релиз	Статус	Примечание
dapper	DNE
devel	not-affected	5.5-1ubuntu1
edgy	DNE
feisty	DNE
gutsy	released	5.2-2ubuntu2.1
upstream	released	5.3

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2007-5594

EPSS

Процентиль: 64%

0.00475

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2007-5594

nvd

больше 17 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

CVE-2007-5594

debian

больше 17 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection a ...

GHSA-f8mj-2m92-pmqv

github

около 3 лет назад

Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.

EPSS

Процентиль: 64%

0.00475

Низкий

4.3 Medium

CVSS2

CVE-2007-5594

Описание

Пакет drupal5

Ссылки на источники

Связанные уязвимости