|
|
CVE Reference: CVE-2007-4063 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-4063 |
|
|
Description: Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.2 allow remote attackers to (1) delete comments, (2) delete content revisions, and (3) disable menu items as privileged users, related to improper use of HTTP GET and the Forms API. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35639 SAID Secunia Advisory: SA26224 OSVDB 37898 CONFIRM http://drupal.org/files/sa-2007-017/advisory.txt BID 25099 |
|
| Return to the previous page. |
