Описание
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| feisty | ignored | end of life, was needed |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | released | 5.7-1ubuntu1.2 |
| intrepid | not-affected | |
| jaunty | not-affected | |
| karmic | not-affected | |
| upstream | released | 5.10 |
Показывать по
Ссылки на источники
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5 ...
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.
EPSS
5.8 Medium
CVSS2