Description

Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.

Remediation

References

CVE-2008-3221

Related Vulnerabilities

Cherokee Improper Authentication Vulnerability (CVE-2014-4668)

WordPress Plugin One User Avatar-User Profile Picture Multiple Vulnerabilities (2.3.6)

WordPress Plugin YITH WooCommerce Ajax Search Unspecified Vulnerability (1.2.7)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-0059)

WordPress Plugin WP Shopify Cross-Site Scripting (2.0.4)

Severity

Medium

Classification

CVE-2008-3221 CWE-352

Tags

Missing Update Known Vulnerabilities