1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
PublicDate: 2008-08-27
Candidate: CVE-2008-3743
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3743
Description:
Multiple cross-site request forgery (CSRF) vulnerabilities in forms in
Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions
via unknown vectors, related to improper token validation for (1) cached
forms and (2) forms with AHAH elements.
Ubuntu-Description:
Notes:
jdstrand> per Debian, vulnerable code not present
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_drupal:
upstream_drupal: not-affected
dapper_drupal: not-affected
feisty_drupal: not-affected
gutsy_drupal: DNE
hardy_drupal: DNE
devel_drupal: DNE
Patches_drupal5:
upstream_drupal5: not-affected
dapper_drupal5: DNE
feisty_drupal5: DNE
gutsy_drupal5: not-affected
hardy_drupal5: not-affected
devel_drupal5: not-affected
|