Description

Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.

Remediation

References

CVE-2008-3221

Related Vulnerabilities

Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6283)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-2571)

e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083)

Joomla! Core 1.5.x Spam (1.5.0 - 1.5.22)

WebLogic CVE-2008-2579 Vulnerability (CVE-2008-2579)

Severity

Medium

Classification

CVE-2008-3221 CWE-352

Tags

Missing Update Known Vulnerabilities