CVE-2008-0272

Опубликовано: 15 янв. 2008

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

Описание

Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users.

Релиз	Статус	Примечание
dapper	ignored	end of life
devel	DNE
edgy	ignored	end of life, was needed
feisty	released	5.1-0ubuntu2.3
gutsy	DNE
hardy	DNE
intrepid	DNE
jaunty	DNE
karmic	DNE
upstream	released	4.7.11

Показывать по

Релиз	Статус	Примечание
dapper	DNE
devel	DNE
edgy	DNE
feisty	DNE
gutsy	released	5.2-2ubuntu2.2
hardy	not-affected	5.6-1ubuntu1
intrepid	not-affected	5.6-1ubuntu1
jaunty	not-affected	5.6-1ubuntu1
karmic	not-affected	5.6-1ubuntu1
upstream	released	5.6

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2008-0272

EPSS

Процентиль: 52%

0.00295

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2008-0272

nvd

почти 18 лет назад

Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users.

CVE-2008-0272

debian

почти 18 лет назад

Cross-site request forgery (CSRF) vulnerability in the aggregator modu ...

GHSA-h7rp-276p-j58v

github

больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users.

EPSS

Процентиль: 52%

0.00295

Низкий

4.3 Medium

CVSS2

CVE-2008-0272

Описание

Пакет drupal

Пакет drupal5

Ссылки на источники

Связанные уязвимости