7.5
CVE-2006-5476
- EPSS 1.77%
- Veröffentlicht 24.10.2006 20:07:00
- Zuletzt bearbeitet 16.06.2026 22:31:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.77% | 0.752 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/22486
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.025-drupal.html
http://www.vupen.com/english/advisories/2006/4120
http://drupal.org/node/88828
http://securityreason.com/securityalert/1765
http://www.securityfocus.com/archive/1/449199/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/29679