CSRF Vulnerability in Drupal Localization Client and Server Products
CVE-2008-6169

Currently unrated

Key Information:

Vendor: Drupal
Status: Localization Client; Localization Server
Vendor: CVE Published:; 19 February 2009

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Localization client and server modules of Drupal. This security flaw allows remote attackers to execute unauthorized actions as administrators on affected systems through undefined methods associated with the 'local translation submission interface.' Users of affected versions should update their modules to mitigate potential exploitation.

References

http://secunia.com/advisories/32388

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/46044

vdb-entryx_refsource_XF

http://drupal.org/node/324862

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 19, 2009
Vulnerability Reserved
Feb 19, 2009