CSRF Vulnerability in Drupal Aggregator Module

CSRF Vulnerability in Drupal Aggregator Module

CVE-2012-0826 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service (loss of updates due to rate limit) via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.