WEB APPLICATION VULNERABILITIES Standard & Premium

Drupal Other Vulnerability (CVE-2007-4063)

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.2 allow remote attackers to (1) delete comments, (2) delete content revisions, and (3) disable menu items as privileged users, related to improper use of HTTP GET and the Forms API.

Remediation

References

Related Vulnerabilities

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5776)

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23064)

WordPress Plugin Frontend Post WordPress-AccessPress Anonymous Post includes Backdoor [Only if downloaded via the vendor website] (2.8.0)

Vulnerable package dependencies [low]

Oracle Database Server CVE-2007-2116 Vulnerability (CVE-2007-2116)

Severity

Medium

Classification

Tags

Missing Update Known Vulnerabilities