6.8
CVSSv2

CVE-2012-4486

Published: 02/11/2012 Updated: 06/11/2012
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Cross-site request forgery (CSRF) vulnerability in the Subuser module prior to 6.x-1.8 for Drupal allows remote malicious users to hijack the authentication of arbitrary users for requests that switch the user to a subuser via unspecified vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

boombatower subuser 6.x-1.0

boombatower subuser 6.x-1.1

boombatower subuser 6.x-1.2

boombatower subuser 6.x-1.3

boombatower subuser 6.x-1.4

boombatower subuser 6.x-1.5

boombatower subuser 6.x-1.6

boombatower subuser

boombatower subuser 6.x-1.x