Description

Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.

Remediation

References

CVE-2006-5476

Related Vulnerabilities

Drupal Data Processing Errors Vulnerability (CVE-2017-6920)

TinyMCE Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-48219)

Jboss EAP Reachable Assertion Vulnerability (CVE-2020-25710)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12167)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5715)

Severity

High

Classification

CVE-2006-5476

Tags

Missing Update Known Vulnerabilities