CVE-2008-6169

EUVD-2008-6139
Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x before 5.x-1.1 and 6.x before 6.x-1.6 and the Localization server 5.x before 5.x-1.0-alpha5 and 6.x before 6.x-alpha2, modules for Drupal, allows remote attackers to perform unauthorized actions as administrators via unspecified vectors related to the "local translation submission interface."
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
drupallocalization_client
𝑥
≤ 5.x-1.0
drupallocalization_client
𝑥
≤ 6.x-1.5
drupallocalization_client
5.x-1.xdev:x
drupallocalization_client
6.x-1.0:x
drupallocalization_client
6.x-1.1:x
drupallocalization_client
6.x-1.2:x
drupallocalization_client
6.x-1.3:x
drupallocalization_client
6.x-1.4:x
drupallocalization_client
6.x-1.xdev:x
drupallocalization_server
𝑥
≤ 5.x-1.0alpha4
drupallocalization_server
𝑥
≤ 6.x-1.0alpha1
drupallocalization_server
5.x-1.0alpha1:x
drupallocalization_server
5.x-1.0alpha2:x
drupallocalization_server
5.x-1.0alpha3:x
drupallocalization_server
5.x-1.xdev:x
drupallocalization_server
6.x-1.xdev:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/324862
http://secunia.com/advisories/32388
https://exchange.xforce.ibmcloud.com/vulnerabilities/46044
http://drupal.org/node/324862
http://secunia.com/advisories/32388
https://exchange.xforce.ibmcloud.com/vulnerabilities/46044