Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.
Remediation
References
Related Vulnerabilities
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)
MySQL CVE-2024-21069 Vulnerability (CVE-2024-21069)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2101)
WordPress Plugin CalendApp Cross-Site Scripting (1.1)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5297)