Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.
References
Link | Resource |
---|---|
http://drupal.org/node/280571 | Patch Vendor Advisory |
http://secunia.com/advisories/31079 | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2008/07/10/3 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/30168 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=454849 | Issue Tracking Third Party Advisory |
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00016.html | Third Party Advisory |
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00527.html | Third Party Advisory |
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00551.html | Third Party Advisory |
Configurations
History
15 Apr 2021, 13:47
Type | Values Removed | Values Added |
---|---|---|
References | (BID) http://www.securityfocus.com/bid/30168 - Third Party Advisory, VDB Entry | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00016.html - Third Party Advisory | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00527.html - Third Party Advisory | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00551.html - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/31079 - Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2008/07/10/3 - Mailing List, Third Party Advisory | |
References | (CONFIRM) http://drupal.org/node/280571 - Patch, Vendor Advisory | |
References | (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=454849 - Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:a:drupal:drupal:6:*:*:*:*:*:*:* |
cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:* cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* |
Information
Published : 2008-07-18 16:41
Updated : 2023-12-10 10:51
NVD link : CVE-2008-3221
Mitre link : CVE-2008-3221
CVE.ORG link : CVE-2008-3221
JSON object : View
Products Affected
drupal
- drupal
fedoraproject
- fedora
CWE
CWE-352
Cross-Site Request Forgery (CSRF)