Description

Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.

Remediation

References

CVE-2006-5476

Related Vulnerabilities

WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2)

WordPress Plugin Eventr SQL Injection (1.02.2)

Oracle JRE CVE-2014-0448 Vulnerability (CVE-2014-0448)

MySQL CVE-2012-1705 Vulnerability (CVE-2012-1705)

WordPress Plugin WHIZZ Cross-Site Scripting (1.0.7)

Severity

High

Classification

CVE-2006-5476

Tags

Missing Update Known Vulnerabilities