Description

Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service (loss of updates due to rate limit) via unspecified vectors.

Remediation

References

CVE-2012-0826

Related Vulnerabilities

PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-0227)

WordPress Plugin Site Offline Or Coming Soon Or Maintenance Mode Cross-Site Request Forgery (1.4.3)

WordPress Plugin Content Audit Multiple Vulnerabilities (1.9.1)

WordPress Plugin Vospari Forms Cross-Site Scripting (1.3)

Squid Improper Input Validation Vulnerability (CVE-2021-31808)

Severity

Medium

Classification

CVE-2012-0826 CWE-352

Tags

Missing Update Known Vulnerabilities