Description
Cross-site request forgery (CSRF) vulnerability in the Drag & Drop Gallery module 6.x for Drupal allows remote attackers to hijack the authentication of administrators.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_misc
http://drupal.org/node/1679442
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/10/04/5
Scores
EPSS
0.0057
EPSS Percentile
43.1%
Details
CWE
CWE-352
Status
published
Products (1)
david_alkire/drag_\&_drop_gallery
6.x-1.5
Published
Nov 30, 2012
Tracked Since
Feb 18, 2026