NVD

Id
546  
Name
CVE-2008-0571  
Description
The point moderation form in the Userpoints 4.7.x before 4.7.x-2.3, 5.x-2 before 5.x-2.16, and 5.x-3 before 5.x-3.3 module for Drupal does not follow Drupal"s Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and manipulate points.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-02-04  
Modified Date
2011-03-07  
Seq
2008-0571  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
3581 546 CVE-2008-0571 http://drupal.org/node/216023  View
3582 546 CVE-2008-0571 ADV-2008-0375  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
46784 JVNDB-2008-002094 Drupal におけるクロスサイトリクエストフォージェリの脆弱性 Drupal の Userpoints モジュールには、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2008-0571 30684 CVE-2008-0571 546 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002094.html 2008-02-05 2008-12-24 View