CVE-2008-6169

Currently unrated

Key Information:

Vendor: Drupal
Status: Localization Client; Localization Server
Vendor: CVE Published:; 19 February 2009

Summary

Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x before 5.x-1.1 and 6.x before 6.x-1.6 and the Localization server 5.x before 5.x-1.0-alpha5 and 6.x before 6.x-alpha2, modules for Drupal, allows remote attackers to perform unauthorized actions as administrators via unspecified vectors related to the "local translation submission interface."

References

http://secunia.com/advisories/32388

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/46044

vdb-entryx_refsource_XF

http://drupal.org/node/324862

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 19, 2009
Vulnerability Reserved
Feb 19, 2009