Description

Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors.

Remediation

References

CVE-2006-5476

Related Vulnerabilities

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6454)

WordPress Plugin WooCommerce Multilingual-run WooCommerce with WPML Multiple Unspecified Vulnerabilities (3.5.4)

PHP Resource Management Errors Vulnerability (CVE-2010-2225)

YOURLS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2021-3734)

WordPress Plugin Buddypress Xprofile Custom Fields Type Arbitrary File Deletion (2.6.3)

Severity

High

Classification

CVE-2006-5476

Tags

Missing Update Known Vulnerabilities