Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60414
HistoryOct 08, 2012 - 12:00 a.m.

Drupal Password Policy模块跨站请求伪造和跨站脚本执行漏洞

2012-10-0800:00:00
Root
www.seebug.org
17

0.006 Low

EPSS

Percentile

77.8%

JSON

BUGTRAQ ID: 51385
CVE ID: CVE-2012-1633

Drupal是一款开源CMS,可以作为各种网站的内容管理平台。

Drupal Password Policy模块6.x-1.x 存在跨站脚本漏洞。可允许远程攻击者劫持管理员用户接通用户请求的验证。
0
Drupal Password Policy 6.X-1.X
厂商补丁:

Drupal

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://drupal.org/

Related

cve 1
cvelist 1
nvd 1
prion 1
drupal 1
cve
cve
CVE-2012-1633
2012-09-20 00:55:05
cvelist
cvelist
CVE-2012-1633
2012-09-20 00:00:00
nvd
nvd
CVE-2012-1633
2012-09-20 00:55:05
prion
prion
Cross site request forgery (csrf)
2012-09-20 00:55:00
drupal
drupal
SA-CONTRIB-2012-007 - Password Policy - Multiple vulnerabilities
2012-01-11 00:00:00

0.006 Low

EPSS

Percentile

77.8%

JSON
Related for SSV:60414
cve1cvelist1nvd1prion1drupal1