Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the Ubercart Bulk Stock Updater module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors related to formAPI.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Miura | Ubercart Bulk Stock Updater | - |
| Drupal | Drupal | - |
Related Weaknesses (CWE)
References
- http://drupal.org/node/1482126Vendor Advisory
- http://www.openwall.com/lists/oss-security/2012/04/07/1
- http://www.securityfocus.com/bid/52502
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74054
- http://drupal.org/node/1482126Vendor Advisory
- http://www.openwall.com/lists/oss-security/2012/04/07/1
- http://www.securityfocus.com/bid/52502
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74054
FAQ
What is CVE-2012-2057?
CVE-2012-2057 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in the Ubercart Bulk Stock Updater module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors rel...
How severe is CVE-2012-2057?
CVE-2012-2057 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2057?
Check the references section above for vendor advisories and patch information. Affected products include: Miura Ubercart Bulk Stock Updater, Drupal Drupal.