CVE-2009-4066

CVE-2009-4066 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in the "My Account" feature in PHPList Integration module 5 before 5.x-1.2 and 6 before 6.x-1.1 for Drupal allow remote attackers to hijack the authentication of arbitrary users via vectors related to (1) subscribing or (2) unsubscribing to mailing lists.

Learn more about our User Device Pen Test.