CVE-2012-2305

Node Gallery < 6.x-3.1 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in the Node Gallery module for Drupal 6.x-3.1 and earlier allows remote attackers to hijack the authentication of certain users for requests that create node galleries.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_misc
http://drupal.org/node/1557852
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/03/2
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/03/1

Scores

EPSS 0.0064
EPSS Percentile 46.2%

Details

CWE
CWE-352
Status published
Products (1)
justin_ellison/node_gallery < 6.x-3.1
Published Jul 25, 2012
Tracked Since Feb 18, 2026