CVE-2012-2307

plaatsoft addressbook < 6.x-4.2 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/03/2
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/05/03/1
Vendor Advisory x_refsource_misc
http://drupal.org/node/1557868

Scores

EPSS 0.0064
EPSS Percentile 46.2%

Details

CWE
CWE-352
Status published
Products (9)
plaatsoft/addressbook 5.x-3.3
plaatsoft/addressbook 5.x-3.5
plaatsoft/addressbook 6.x-3.4
plaatsoft/addressbook 6.x-3.5
plaatsoft/addressbook 6.x-3.6
plaatsoft/addressbook 6.x-3.7
plaatsoft/addressbook 6.x-4.0
plaatsoft/addressbook 6.x-4.1
plaatsoft/addressbook < 6.x-4.2
Published Jul 25, 2012
Tracked Since Feb 18, 2026