Drupal Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2008-3744 - Vulnerability Database

Drupal Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2008-3744

Medium

Reference: CVE-2008-3744

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-3744

Title: Drupal Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.