146 matches found
CVE-2020-13663
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
CVE-2020-13663
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
Cross site request forgery (csrf)
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
CVE-2020-13663
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
CVE-2020-13663
Removed by vendor...
CVE-2020-13663
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
CVE-2020-13663
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
CVE-2020-13663
CVE-2020-13663 affects Drupal Core Form API, where improper handling of certain cross-site request form input could enable other vulnerabilities. The issue concerns Drupal’s core, specifically its Form API processing. Impact is stated as enabling related vulnerabilities (no explicit exploitation ...
Security Bulletin: IBM API Connect is vulnerable to cross-site request forgery (CSRF) (CVE-2020-13663)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-13663 DESCRIPTION: Drupal core is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the Form API. By persuading an authenticated user to visit a...
FreeBSD : drupal -- Multiple Vulnerabilities (b51d5391-bb76-11ea-9172-4c72b94353b5)
Drupal Security Team reports : The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...
Debian DLA-2263-1 : drupal7 security update
CVE-2020-13663 - Drupal SA 2020-004 The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities. For Debian 8 'Jessie', this problem has been fixed in version 7.32-1+deb8u19. We recommend that you upgrade your drupal7...
[SECURITY] [DLA 2263-1] drupal7 security update
Package : drupal7 Version : 7.32-1+deb8u19 CVE ID : CVE-2020-13663 Debian Bug : CVE-2020-13663 - Drupal SA 2020-004 The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities. For Debian 8 "Jessie", this problem has been...
Drupal 7.x < 7.72 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multilple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...
Drupal 9.0.x < 9.0.1 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multilple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...
Cross-Site Request Forgery (CSRF)
drupal/drupal is vulnerable to cross-site request forgery CSRF. The Form API does not properly handle certain form input from cross-site requests, which allow remote attackers to submit requests on behalf of the authenticated user...
Drupal cross-site request forgery vulnerability (CNVD-2021-36607)
Drupal is an open source content management system developed by the Drupal community using the PHP language. A cross-site request forgery vulnerability exists in the Drupal core Form API, which stems from the program failing to properly process form input. An attacker can exploit this vulnerabili...
Vulnerability fixed in Drupal
Drupal has fixed a vulnerability in the Form API of the Drupal Core. The vulnerability allows a remote malicious party to able to perform a Cross-Site Request Forgery attack XSRF. A successful attack could thereby lead to consequential damage such as the obtaining sensitive data from a domain to...
Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004
The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
drupal -- Multiple Vulnerabilities
Drupal Security Team reports: The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...
Debian: Security Advisory (DLA-2162-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...