Description
Multiple cross-site request forgery (CSRF) vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for (1) cached forms and (2) forms with AHAH elements.
Remediation
References
Related Vulnerabilities
WordPress Plugin EZ Google Analytics Cross-Site Scripting (4.1.06)
WordPress Plugin Clean Login Cross-Site Request Forgery (1.7.12)
WordPress Plugin Titan Framework Cross-Site Scripting (1.7.5)
Zope Web Application Server Other Vulnerability (CVE-2001-0567)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7846)