Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.
Remediation
References
Related Vulnerabilities
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0737)
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.7.45)
WordPress Plugin YITH Color and Label Variations for WooCommerce Security Bypass (1.8.11)
WordPress Plugin LazyEater Unspecified Vulnerability (1.2.1)
Undertow Unchecked Return Value Vulnerability (CVE-2022-1319)