CVE-2007-6320

2007-12-1201:00:00

redhat

www.cve.org

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.5%

JSON

Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupal’s Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks.

References

drupal.org/node/198164

osvdb.org/43671