Drupal Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2008-6532

Multiple cross-site request forgery (CSRF) vulnerabilities in the update feature in Drupal 5.x before 5.13 and 6.x before 6.7 allow remote attackers to perform unauthorized actions as the superuser via unspecified vectors as demonstrated by causing the superuser to quotexecute old updatesquot that modify the database.