Description

Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service (loss of updates due to rate limit) via unspecified vectors.

Remediation

References

CVE-2012-0826

Related Vulnerabilities

WordPress Plugin WordPress prettyPhoto Cross-Site Scripting (1.1)

WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.1)

WordPress Plugin Ditty WordPress-Responsive Slider, List, and Ticker Display Cross-Site Scripting (3.0.14)

Apache HTTP Server Off-by-one Error Vulnerability (CVE-2005-1268)

WebLogic CVE-2021-2109 Vulnerability (CVE-2021-2109)

Severity

Medium

Classification

CVE-2012-0826 CWE-352

Tags

Missing Update Known Vulnerabilities