NVD

Id
43930  
Name
CVE-2012-2077  
Description
Cross-site request forgery (CSRF) vulnerability in the ShareThis module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of users with administer sharethis permissions via unknown vectors "outside of the Form API."  
Reject
 
CVSS Version
2  
CVSS Score
5.1  
Severity
Medium  
CVSS Base Score
5.1  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2012-08-14  
Modified Date
2012-08-15  
Seq
2012-2077  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
220632 43930 CVE-2012-2077 http://drupal.org/node/1504746  View
220633 43930 CVE-2012-2077 http://drupal.org/node/1506448  View
220634 43930 CVE-2012-2077 http://drupalcode.org/project/sharethis.git/commit/11f247a  View
220635 43930 CVE-2012-2077 [oss-security] 20120406 CVE"s for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)  View
220636 43930 CVE-2012-2077 52778  View
220637 43930 CVE-2012-2077 drupal-sharethis-administrationforms-csrf(74518)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
27980 JVNDB-2012-003687 Drupal 用 ShareThis モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 Drupal 用 ShareThis モジュールには、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2012-2077 55315 CVE-2012-2077 43930 5.1 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003687.html 2012-03-28 2012-08-17 View