Unrated severityNVD Advisory· Published Jul 1, 2013· Updated Apr 29, 2026
CVE-2013-2158
CVE-2013-2158
Description
Cross-site request forgery (CSRF) vulnerability in the Services module 6.x-3.x and 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Affected products
8cpe:2.3:a:services_project:services:6.x-3.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:services_project:services:6.x-3.0:*:*:*:*:*:*:*
- cpe:2.3:a:services_project:services:6.x-3.1:*:*:*:*:*:*:*
- cpe:2.3:a:services_project:services:6.x-3.2:*:*:*:*:*:*:*
- cpe:2.3:a:services_project:services:6.x-3.3:*:*:*:*:*:*:*
- cpe:2.3:a:services_project:services:7.x-3.0:*:*:*:*:*:*:*
- cpe:2.3:a:services_project:services:7.x-3.1:*:*:*:*:*:*:*
- cpe:2.3:a:services_project:services:7.x-3.2:*:*:*:*:*:*:*
- cpe:2.3:a:services_project:services:7.x-3.3:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- secunia.com/advisories/53649nvdVendor Advisory
- secunia.com/advisories/53661nvdVendor Advisory
- drupal.org/node/2012366nvdVendor Advisory
- drupal.org/node/2012982nvdVendor Advisory
- osvdb.org/93980nvd
- seclists.org/fulldisclosure/2013/Jun/23nvd
- www.securityfocus.com/bid/60356nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/84791nvd
News mentions
0No linked articles in our index yet.