CVE-2008-0272 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-0272
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0272

Description: Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39617 SAID Secunia Advisory: SA28486 Secunia Advisory: SA28422 CONFIRM http://www.vbdrupal.org/forum/showthread.php?t=1349 http://www.vbdrupal.org/forum/showthread.php?p=6878 http://drupal.org/node/208562 BID 27238

Return to the previous page.