Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0272)

Description

Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users.

Remediation

References

CVE-2008-0272

Related Vulnerabilities

Apache HTTP Server Other Vulnerability (CVE-2009-3095)

WordPress Plugin Google +1 by BestWebSoft Cross-Site Scripting (1.3.3)

WordPress 3.9.x Same Origin Method Execution (SOME) Vulnerability (3.9 - 3.9.11)

PHP Other Vulnerability (CVE-2007-1380)

WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-8942)

Severity

Medium

Classification

CVE-2008-0272 CWE-352