QwikSec

Security Database

CVE

CWE

Training

CVE-2012-5547

Published: Dec 3, 2012

Modified: Sep 17, 2024

PUBLISHED

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable a server via a server action or (2) enable a search index via an enable index action.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://drupal.org/node/1815770

x_refsource_MISC

http://drupal.org/node/1815124

x_refsource_CONFIRM

[oss-security] 20121120 Re: CVE Request for Drupal Contributed Modules

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.