Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2012-2069

Cross-site request forgery (CSRF) vulnerability in the Wishlist module 6.x-2.x before 6.x-2.6 and 7.x-2.x before 7.x-2.6 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences via the (1) wl_reveal or (2) q parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.2%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2012-2069
  • Drupal » Drupal » Version: N/A
    cpe:2.3:a:drupal:drupal:-
  • Mclewin » Wishlist » Version: 6.x-2.1
    cpe:2.3:a:mclewin:wishlist:6.x-2.1
  • Mclewin » Wishlist » Version: 6.x-2.2
    cpe:2.3:a:mclewin:wishlist:6.x-2.2
  • Mclewin » Wishlist » Version: 6.x-2.4
    cpe:2.3:a:mclewin:wishlist:6.x-2.4
  • Mclewin » Wishlist » Version: 7.x-2.5
    cpe:2.3:a:mclewin:wishlist:7.x-2.5
  • Mclewin » Wishlist » Version: 7.x-2.x
    cpe:2.3:a:mclewin:wishlist:7.x-2.x


Products
Pricing
Contact Us

Shodan ® - All rights reserved