Cross site request forgery (csrf)

2013-03-1914:55:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.9%

JSON

Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x before 7.x-1.2 and 7.x-2.x before 7.x-2.0-alpha4 for Drupal allows remote attackers to hijack the authentication of arbitrary users via unknown vectors.

CPENameOperatorVersion
restful_web_serviceseq>= 7.x1.0 AND < 7.x1.2
restful_web_serviceseq7.120.20
restful_web_serviceseq7.x-2.0 alpha1
restful_web_serviceseq7.x-2.0 alpha2
restful_web_serviceseq7.x-2.0 alpha3

Name	Operator	Version
restful_web_services	eq	>= 7.x1.0 AND < 7.x1.2
restful_web_services	eq	7.120.20
restful_web_services	eq	7.x-2.0 alpha1
restful_web_services	eq	7.x-2.0 alpha2
restful_web_services	eq	7.x-2.0 alpha3