Vulnerabilities > CVE-2006-5477 - Unspecified vulnerability in Drupal

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

drupal

NVD

Published: 2006-10-24

Updated: 2018-10-17

Summary

Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissions to be redirected, which allows remote attackers to obtain arbitrary form information via a crafted URL.

Vulnerable Configurations

Part	Description	Count
Application	Drupal Drupal Drupal 4.6.0 Drupal Drupal 4.6.5 Drupal Drupal 4.7.2 Drupal Drupal 4.6.9 Drupal Drupal 4.6.2 Drupal Drupal 4.6.8 Drupal Drupal 4.7.3 Drupal Drupal 4.6.3 Drupal Drupal 4.6.4 Drupal Drupal 4.7.0 Drupal Drupal 4.6.7 Drupal Drupal 4.6.1 Drupal Drupal 4.7.1 Drupal Drupal 4.6.6	14

References

http://drupal.org/node/88828
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.025-drupal.html
http://www.securityfocus.com/bid/20631
http://secunia.com/advisories/22486
http://securityreason.com/securityalert/1764
http://www.vupen.com/english/advisories/2006/4120
https://exchange.xforce.ibmcloud.com/vulnerabilities/29682
http://www.securityfocus.com/archive/1/449200/100/0/threaded