Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.2 allow remote attackers to (1) delete comments, (2) delete content revisions, and (3) disable menu items as privileged users, related to improper use of HTTP GET and the Forms API.

Remediation

References

CVE-2007-4063

Related Vulnerabilities

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-2428)

MySQL CVE-2013-3839 Vulnerability (CVE-2013-3839)

WordPress Plugin Coming Soon Page & Maintenance Mode Cross-Site Request Forgery (1.7.8)

WordPress Plugin WP-Matomo (WP-Piwik) Cross-Site Scripting (1.0.10)

RubyGems Improper Verification of Cryptographic Signature Vulnerability (CVE-2018-1000076)

Severity

Medium

Classification

CVE-2007-4063

Tags

Missing Update Known Vulnerabilities