Unrated severityNVD Advisory· Published Jun 24, 2013· Updated Jun 16, 2026
CVE-2013-1972
CVE-2013-1972
Description
Cross-site request forgery (CSRF) vulnerability in the elFinder file manager module 6.x-0.x before 6.x-0.8 and 7.x-0.x before 7.x-0.8 for Drupal allows remote attackers to hijack the authentication of unspecified victims to create, modify, or delete files via unknown vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:alexey_sukhotin:elfinder:6.x-0.4-beta1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:alexey_sukhotin:elfinder:6.x-0.4-beta1:*:*:*:*:*:*:*
- cpe:2.3:a:alexey_sukhotin:elfinder:6.x-0.4-beta3:*:*:*:*:*:*:*
- cpe:2.3:a:alexey_sukhotin:elfinder:6.x-0.5-beta2:*:*:*:*:*:*:*
- cpe:2.3:a:alexey_sukhotin:elfinder:6.x-0.6:*:*:*:*:*:*:*
- cpe:2.3:a:alexey_sukhotin:elfinder:6.x-0.7:*:*:*:*:*:*:*
- cpe:2.3:a:alexey_sukhotin:elfinder:7.x-0.6:*:*:*:*:*:*:*
- cpe:2.3:a:alexey_sukhotin:elfinder:7.x-0.7:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.