CVE-2012-4478

Drag & Drop Gallery 6.x - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
http://drupal.org/node/1679442
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/10/04/5

Scores

EPSS 0.0057
EPSS Percentile 43.1%

Details

CWE
CWE-352
Status published
Products (1)
david_alkire/drag_\&_drop_gallery 6.x-1.5
Published Nov 30, 2012
Tracked Since Feb 18, 2026