NVD

Id
3608  
Name
CVE-2008-3743  
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for (1) cached forms and (2) forms with AHAH elements.  
Reject
 
CVSS Version
2  
CVSS Score
5.8  
Severity
Medium  
CVSS Base Score
5.8  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-08-27  
Modified Date
2011-03-07  
Seq
2008-3743  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
22809 3608 CVE-2008-3743 http://drupal.org/node/295053  View
22810 3608 CVE-2008-3743 30689  View
22811 3608 CVE-2008-3743 ADV-2008-2392  View
22812 3608 CVE-2008-3743 drupal-ahah-csrf(44453)  View
22813 3608 CVE-2008-3743 https://bugzilla.redhat.com/show_bug.cgi?id=459108  View
22814 3608 CVE-2008-3743 FEDORA-2008-7467  View
22815 3608 CVE-2008-3743 FEDORA-2008-7626  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
46593 JVNDB-2008-001903 Drupal のフォームにおける不適当なトークン検証に関するクロスサイトリクエストフォージェリの脆弱性 Drupal のフォームには、不適当なトークン検証に関連したクロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2008-3743 33856 CVE-2008-3743 3608 5.8 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001903.html 2008-08-13 2008-12-01 View