CVE-2010-4519: CSRF

First published: Thu Dec 23 2010(Updated: )

Multiple cross-site request forgery (CSRF) vulnerabilities in the Views UI implementation in the Views module 5.x before 5.x-1.8 and 6.x before 6.x-2.11 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable all Views or (2) disable all Views.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Earl Miles Views	=5.x-1.0
Earl Miles Views	=5.x-1.1-beta
Earl Miles Views	=5.x-1.2-beta1
Earl Miles Views	=5.x-1.3-beta1
Earl Miles Views	=5.x-1.4-rc1
Earl Miles Views	=5.x-1.4-2-rc1
Earl Miles Views	=5.x-1.5
Earl Miles Views	=5.x-1.6
Earl Miles Views	=5.x-1.6-beta
Earl Miles Views	=5.x-1.6-beta2
Earl Miles Views	=5.x-1.6-beta3
Earl Miles Views	=5.x-1.6-beta4
Earl Miles Views	=5.x-1.6-beta5
Earl Miles Views	=5.x-1.7
Earl Miles Views	=5.x-1.x-dev
Drupal Drupal
Earl Miles Views	=6.x-2.0
Earl Miles Views	=6.x-2.0-alpha1
Earl Miles Views	=6.x-2.0-alpha2
Earl Miles Views	=6.x-2.0-alpha3
Earl Miles Views	=6.x-2.0-alpha4
Earl Miles Views	=6.x-2.0-alpha5
Earl Miles Views	=6.x-2.0-beta1
Earl Miles Views	=6.x-2.0-beta2
Earl Miles Views	=6.x-2.0-beta3
Earl Miles Views	=6.x-2.0-beta4
Earl Miles Views	=6.x-2.0-rc1
Earl Miles Views	=6.x-2.0-rc2
Earl Miles Views	=6.x-2.0-rc3
Earl Miles Views	=6.x-2.0-rc4
Earl Miles Views	=6.x-2.0-rc5
Earl Miles Views	=6.x-2.1
Earl Miles Views	=6.x-2.2
Earl Miles Views	=6.x-2.3
Earl Miles Views	=6.x-2.4
Earl Miles Views	=6.x-2.5
Earl Miles Views	=6.x-2.6
Earl Miles Views	=6.x-2.7
Earl Miles Views	=6.x-2.8
Earl Miles Views	=6.x-2.9
Earl Miles Views	=6.x-2.10
Earl Miles Views	=6.x-2.x-dev
Earl Miles Views	=6.x-3.0-alpha1
Earl Miles Views	=6.x-3.0-alpha2
Earl Miles Views	=6.x-3.0-alpha3
Earl Miles Views	=6.x-3.x-dev

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/first-publish-date
agent/author
agent/severity
agent/weakness
agent/remedy
agent/last-modified-date
agent/softwarecombine
agent/description
agent/event
agent/tags
collector/mitre-cve
source/MITRE
vendor/earl miles
canonical/earl miles views
version/earl miles views/5.x-1.0
version/earl miles views/5.x-1.1-beta
version/earl miles views/5.x-1.2-beta1
version/earl miles views/5.x-1.3-beta1
version/earl miles views/5.x-1.4-rc1
version/earl miles views/5.x-1.4-2-rc1
version/earl miles views/5.x-1.5
version/earl miles views/5.x-1.6
version/earl miles views/5.x-1.6-beta
version/earl miles views/5.x-1.6-beta2
version/earl miles views/5.x-1.6-beta3
version/earl miles views/5.x-1.6-beta4
version/earl miles views/5.x-1.6-beta5
version/earl miles views/5.x-1.7
version/earl miles views/5.x-1.x-dev
vendor/drupal
canonical/drupal drupal
version/earl miles views/6.x-2.0
version/earl miles views/6.x-2.0-alpha1
version/earl miles views/6.x-2.0-alpha2
version/earl miles views/6.x-2.0-alpha3
version/earl miles views/6.x-2.0-alpha4
version/earl miles views/6.x-2.0-alpha5
version/earl miles views/6.x-2.0-beta1
version/earl miles views/6.x-2.0-beta2
version/earl miles views/6.x-2.0-beta3
version/earl miles views/6.x-2.0-beta4
version/earl miles views/6.x-2.0-rc1
version/earl miles views/6.x-2.0-rc2
version/earl miles views/6.x-2.0-rc3
version/earl miles views/6.x-2.0-rc4
version/earl miles views/6.x-2.0-rc5
version/earl miles views/6.x-2.1
version/earl miles views/6.x-2.2
version/earl miles views/6.x-2.3
version/earl miles views/6.x-2.4
version/earl miles views/6.x-2.5
version/earl miles views/6.x-2.6
version/earl miles views/6.x-2.7
version/earl miles views/6.x-2.8
version/earl miles views/6.x-2.9
version/earl miles views/6.x-2.10
version/earl miles views/6.x-2.x-dev
version/earl miles views/6.x-3.0-alpha1
version/earl miles views/6.x-3.0-alpha2
version/earl miles views/6.x-3.0-alpha3
version/earl miles views/6.x-3.x-dev

CVE-2010-4519: CSRF

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact