Lucene search
HistoryOct 24, 2006 - 8:07 p.m.
CVE-2006-5476
cve-2006-5476
csrf
vulnerability
drupal
4.6.x
4.7.x
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.018 Low
EPSS
Percentile
88.3%
Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.
Affected configurations
Node
drupaldrupalMatch4.6.0
ORdrupaldrupalMatch4.6.1
ORdrupaldrupalMatch4.6.2
ORdrupaldrupalMatch4.6.3
ORdrupaldrupalMatch4.6.4
ORdrupaldrupalMatch4.6.5
ORdrupaldrupalMatch4.6.6
ORdrupaldrupalMatch4.6.7
ORdrupaldrupalMatch4.6.8
ORdrupaldrupalMatch4.6.9
ORdrupaldrupalMatch4.7.0
ORdrupaldrupalMatch4.7.1
ORdrupaldrupalMatch4.7.2
ORdrupaldrupalMatch4.7.3
References
Related
cvelist
cvelist
CVE-2006-5476
2006-10-24 20:00:00
CVE-2007-2160
2007-04-22 19:00:00
nvd
nvd
CVE-2006-5476
2006-10-24 20:07:00
CVE-2007-2160
2007-04-22 19:19:00
ubuntucve
ubuntucve
CVE-2006-5476
2006-10-24 00:00:00
cve
cve
CVE-2007-2160
2007-04-22 19:19:00
prion
prion
Cross site request forgery (csrf)
2007-04-22 19:19:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.018 Low
EPSS
Percentile
88.3%
Related for CVE-2006-5476