CVE-2012-2061

Published Sep 17, 2012

Last updated 7 years ago

Overview

Description
Cross-site request forgery (CSRF) vulnerability in the Admin tools module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors involving "not checking tokens."
Source
secalert@redhat.com
NVD status
Modified

Social media

Hype score
Not currently trending

Risk scores

CVSS 2.0

Type
Primary
Base score
6.8
Impact score
6.4
Exploitability score
8.6
Vector string
AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov
CWE-352

Configurations