WEB APPLICATION VULNERABILITIES Standard & Premium

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-0826)

Description

Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service (loss of updates due to rate limit) via unspecified vectors.

Remediation

References

Related Vulnerabilities

Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)

PHP Integer Overflow or Wraparound Vulnerability (CVE-2019-11039)

WordPress Plugin Custom Field Template Cross-Site Request Forgery (2.5.1)

WordPress Plugin AdKlick Advertising Management Unspecified Vulnerability (1.1)

WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan Cross-Site Request Forgery (2.7.2)

Severity

Medium

Classification

CVE-2012-0826 CWE-352

Tags

Missing Update Known Vulnerabilities