CVE

Id
55304  
CVE No.
CVE-2012-2061  
Status
Candidate  
Description
Cross-site request forgery (CSRF) vulnerability in the Admin tools module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors involving "not checking tokens."  
Phase
Assigned (20120404)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
577688 55304 CVE-2012-2061 MLIST:[oss-security] 20120406 CVE"s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)  View
577689 55304 CVE-2012-2061 URL:http://www.openwall.com/lists/oss-security/2012/04/07/1  View
577690 55304 CVE-2012-2061 MISC:http://drupal.org/node/1482126  View
577691 55304 CVE-2012-2061 BID:52502  View
577692 55304 CVE-2012-2061 URL:http://www.securityfocus.com/bid/52502  View
577693 55304 CVE-2012-2061 XF:admintools-drupal-csrf(74058)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
28376 JVNDB-2012-004083 Drupal 用 FCKeditor および CKEditor モジュールにおけるクロスサイトスクリプティングの脆弱性 Drupal 用 FCKeditor および CKEditor モジュールには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-2066 55304 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004083.html  View