Drupal JSON API Module Cross Site Request Forgery Vulnerability

Bugtraq ID: 104004
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Apr 25 2018 12:00AM
Updated: Apr 25 2018 12:00AM
Credit: Mateu Aguiló Bosch (e0ipso)
Vulnerable: Drupal JSON API 8.x-1.9
Drupal JSON API 8.x-1.8
Drupal JSON API 8.x-1.7
Drupal JSON API 8.x-1.6
Drupal JSON API 8.x-1.5
Drupal JSON API 8.x-1.4
Drupal JSON API 8.x-1.3
Drupal JSON API 8.x-1.2
Drupal JSON API 8.x-1.15
Drupal JSON API 8.x-1.14
Drupal JSON API 8.x-1.13
Drupal JSON API 8.x-1.12
Drupal JSON API 8.x-1.11
Drupal JSON API 8.x-1.10
Drupal JSON API 8.x-1.1
Drupal JSON API 8.x-1.0
Not Vulnerable: Drupal JSON API 8.x-1.16


 

Privacy Statement
Copyright 2010, SecurityFocus