CVE-2012-5556
03.12.2012, 21:55
Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to hijack the authentication of arbitrary users via unknown vectors.
| Vendor | Product | Version |
|---|---|---|
| restful_web_services_project | restful_web_services | 7.x-1.0:x |
| restful_web_services_project | restful_web_services | 7.x-1.0:x |
| restful_web_services_project | restful_web_services | 7.x-1.0:x |
| restful_web_services_project | restful_web_services | 7.x-1.x:x |
| restful_web_services_project | restful_web_services | 7.x-2.0:x |
| restful_web_services_project | restful_web_services | 7.x-2.0:x |
| restful_web_services_project | restful_web_services | 7.x-2.x:x |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References