CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2012-2716
https://notcve.org/view.php?id=CVE-2012-2716
Cross-site request forgery (CSRF) vulnerability in the Comment Moderation module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that publish comments. Una vulnerabilidad de falsificación de peticiones en sitios cruzados(CSRF) en el módulo 'Comment Moderation' v6.x-1.x antes de v6.x-1.1 para Drupal permite a atacantes remotos secuestrar la autentificación de los administradores en las solicitudes que publican comentarios. • http://drupal.org/node/1538768 http://drupal.org/node/1608822 http://drupalcode.org/project/comment_moderation.git/commitdiff/f18c3de http://osvdb.org/82434 http://secunia.com/advisories/49326 http://www.securityfocus.com/bid/53738 https://exchange.xforce.ibmcloud.com/vulnerabilities/75998 • CWE-352: Cross-Site Request Forgery (CSRF) •