Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-0205
cve-2013-0205
csrf
vulnerability
drupal
restful web services
restws
nvd
security
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
46.8%
Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x before 7.x-1.2 and 7.x-2.x before 7.x-2.0-alpha4 for Drupal allows remote attackers to hijack the authentication of arbitrary users via unknown vectors.
Affected configurations
Node
restful_web_services_projectrestful_web_servicesRange7.x-1.0–7.x-1.2drupal
ORrestful_web_services_projectrestful_web_servicesMatch7.x-2.0-drupal
ORrestful_web_services_projectrestful_web_servicesMatch7.x-2.0alpha1drupal
ORrestful_web_services_projectrestful_web_servicesMatch7.x-2.0alpha2drupal
ORrestful_web_services_projectrestful_web_servicesMatch7.x-2.0alpha3drupal
drupaldrupalRange7.0–7.82
Related
prion
prion
Cross site request forgery (csrf)
2013-03-19 14:55:00
drupal
drupal
SA-CONTRIB-2013-003 - RESTful Web Services - Cross site request forgery (CSRF)
2013-01-16 00:00:00
nvd
nvd
CVE-2013-0205
2013-03-19 14:55:01
cvelist
cvelist
CVE-2013-0205
2022-10-03 16:15:04
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
46.8%
Related for CVE-2013-0205