Lucene search

PRIOn knowledge basePRION:CVE-2007-4063

HistoryJul 30, 2007 - 5:30 p.m.

Cross site request forgery (csrf)

2007-07-3017:30:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

82.2%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.2 allow remote attackers to (1) delete comments, (2) delete content revisions, and (3) disable menu items as privileged users, related to improper use of HTTP GET and the Forms API.

CPENameOperatorVersion
drupaleq5.1.0-rev1.1
drupaleq5.0
drupaleq5.1

Name	Operator	Version
drupal	eq	5.1.0-rev1.1
drupal	eq	5.0
drupal	eq	5.1

References

osvdb.org/37898

secunia.com/advisories/26224

www.securityfocus.com/bid/25099

www.vupen.com/english/advisories/2007/2697

drupal.org/files/sa-2007-017/advisory.txt

exchange.xforce.ibmcloud.com/vulnerabilities/35639

7.5 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.009 Low

EPSS

Percentile

82.2%

JSON

Related for PRION:CVE-2007-4063