|Date: (C)2008-08-27 (M)2017-08-08|| |
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.
|CVSS Score: 5.8||Access Vector: NETWORK|
|Exploit Score: 8.6||Access Complexity: MEDIUM|
|Impact Score: 4.9||Authentication: NONE|
| ||Confidentiality: NONE|
| ||Integrity: PARTIAL|
| ||Availability: PARTIAL|