Description

Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."

Remediation

References

CVE-2008-3220

Related Vulnerabilities

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2403)

Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1041)

WordPress Plugin Improved user search in backend Cross-Site Request Forgery (1.2.4)

WordPress Plugin Live Chat for Fanpage Cross-Site Scripting (2.0.1)

WordPress Plugin Search Logger-Know What Your Visitors Search SQL Injection (0.9)

Severity

Medium

Classification

CVE-2008-3220 CWE-352

Tags

Missing Update Known Vulnerabilities