Description
Multiple cross-site request forgery (CSRF) vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for (1) cached forms and (2) forms with AHAH elements.
Remediation
References
Related Vulnerabilities
WordPress Plugin JSON Content Importer Cross-Site Scripting (1.3.15)
WordPress Plugin Ocean Extra Security Bypass (1.5.8)
WordPress Other Vulnerability (CVE-2007-3140)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2080)
WordPress Plugin Easy Registration Forms Unspecified Vulnerability (1.8.4)