Lucene search
+L

16 matches found

UbuntuCve
UbuntuCve
added 2021/06/11 4:15 p.m.22 views

CVE-2020-13663

Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...

8.8CVSS7.2AI score0.00695EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2021/06/11 3:7 p.m.27 views

CVE-2020-13663

Removed by vendor...

8.8CVSS8.7AI score0.00695EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/06/11 3:7 p.m.49 views

CVE-2020-13663

Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities...

8.8CVSS8.7AI score0.00695EPSS
Exploits0
CVE
CVE
added 2021/06/11 3:7 p.m.194 views

CVE-2020-13663

CVE-2020-13663 affects Drupal Core Form API, where improper handling of certain cross-site request form input could enable other vulnerabilities. The issue concerns Drupal’s core, specifically its Form API processing. Impact is stated as enabling related vulnerabilities (no explicit exploitation ...

8.8CVSS8.4AI score0.00695EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/06 9:21 p.m.23 views

Security Bulletin: IBM API Connect is vulnerable to cross-site request forgery (CSRF) (CVE-2020-13663)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-13663 DESCRIPTION: Drupal core is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the Form API. By persuading an authenticated user to visit a...

8.8CVSS1AI score0.00695EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/09/14 12:0 a.m.37 views

Fedora: Security Advisory for drupal7 (FEDORA-2020-0b32a59b54)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.99019EPSS
Exploits11References4
Tenable Nessus
Tenable Nessus
added 2020/09/14 12:0 a.m.59 views

Fedora 32 : drupal7 (2020-0b32a59b54)

https://www.drupal.org/project/drupal/releases/7.72 - Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004 / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - Drupal core - Moderately critical - Cross...

8.8CVSS6.8AI score0.99019EPSS
Exploits11References8
Tenable Nessus
Tenable Nessus
added 2020/09/14 12:0 a.m.52 views

Fedora 31 : drupal7 (2020-fbb94073a1)

https://www.drupal.org/project/drupal/releases/7.72 - Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004 / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - Drupal core - Moderately critical - Cross...

8.8CVSS6.8AI score0.99019EPSS
Exploits11References8
Tenable Nessus
Tenable Nessus
added 2020/07/01 12:0 a.m.35 views

Debian DLA-2263-1 : drupal7 security update

CVE-2020-13663 - Drupal SA 2020-004 The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities. For Debian 8 'Jessie', this problem has been fixed in version 7.32-1+deb8u19. We recommend that you upgrade your drupal7...

8.8CVSS7.4AI score0.00695EPSS
Exploits0References3
Debian
Debian
added 2020/06/30 9:1 a.m.46 views

[SECURITY] [DLA 2263-1] drupal7 security update

Package : drupal7 Version : 7.32-1+deb8u19 CVE ID : CVE-2020-13663 Debian Bug : CVE-2020-13663 - Drupal SA 2020-004 The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities. For Debian 8 "Jessie", this problem has been...

8.8CVSS7.1AI score0.00695EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/06/26 12:0 a.m.39 views

Drupal 8.9.x < 8.9.1 Multiple Vulnerabilities

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multilple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...

9.8CVSS9.7AI score0.02978EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/06/26 12:0 a.m.37 views

Drupal 9.0.x < 9.0.1 Multiple Vulnerabilities

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multilple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...

9.8CVSS9.7AI score0.02978EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/06/26 12:0 a.m.55 views

Drupal 8.8.x < 8.8.8 Multiple Vulnerabilities

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multilple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...

9.8CVSS9.7AI score0.02978EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/06/22 12:0 a.m.28 views

Debian DSA-4706-1 : drupal7 - security update

It was discovered that Drupal, a fully-featured content management framework, was suspectible to cross site request forgery. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2020-004 C Tenable Network Security, Inc. The descriptive text and packa...

8.8CVSS7.3AI score0.00695EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2020/06/19 12:0 a.m.26 views

Drupal 7.x, 8.x, 9.x CSRF Vulnerability (SA-CORE-2020-004) - Linux

Drupal is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal...

8.8CVSS8.7AI score0.00695EPSS
Exploits0References1
Debian
Debian
added 2020/06/18 8:24 p.m.83 views

[SECURITY] [DSA 4706-1] drupal7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4706-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 18, 2020 https://www.debian.org/security/faq -...

8.8CVSS8.6AI score0.00695EPSS
Exploits0
Rows per page
Query Builder