Description

Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities.

Remediation

References

CVE-2020-13663

Related Vulnerabilities

WordPress Plugin Events Registration with PayPal IPN Multiple SQL Injection Vulnerabilities (2.1.2)

WordPress Plugin Data Tables Generator by Supsystic Security Bypass (1.10.25)

Oracle Application Server Resource Management Errors Vulnerability (CVE-2007-2120)

MediaWiki Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-35624)

Joomla! Core Security Bypass (1.6.2 - 3.9.10)

Severity

High

Classification

CVE-2020-13663 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities