Description

Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service (loss of updates due to rate limit) via unspecified vectors.

Remediation

References

CVE-2012-0826

Related Vulnerabilities

MySQL CVE-2018-3073 Vulnerability (CVE-2018-3073)

MySQL CVE-2013-1566 Vulnerability (CVE-2013-1566)

WordPress Plugin Zingiri Web Shop Unspecified Vulnerability (2.6.5)

Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2022-25762)

WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.4)

Severity

Medium

Classification

CVE-2012-0826 CWE-352

Tags

Missing Update Known Vulnerabilities