CVE-2008-0272

Description

Cross-site request forgery (CSRF) vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users.

Software From Fixed in
drupal / drupal 4.0.0 4.0.0.x
drupal / drupal 4.1.0 4.1.0.x
drupal / drupal 4.2.0_rc 4.2.0_rc.x
drupal / drupal 4.4 4.4.x
drupal / drupal 4.4.1 4.4.1.x
drupal / drupal 4.4.2 4.4.2.x
drupal / drupal 4.4.3 4.4.3.x
drupal / drupal 4.5 4.5.x
drupal / drupal 4.5.1 4.5.1.x
drupal / drupal 4.5.2 4.5.2.x
drupal / drupal 4.5.3 4.5.3.x
drupal / drupal 4.5.4 4.5.4.x
drupal / drupal 4.5.5 4.5.5.x
drupal / drupal 4.5.6 4.5.6.x
drupal / drupal 4.5.7 4.5.7.x
drupal / drupal 4.5.8 4.5.8.x
drupal / drupal 4.6 4.6.x
drupal / drupal 4.6.1 4.6.1.x
drupal / drupal 4.6.10 4.6.10.x
drupal / drupal 4.6.11 4.6.11.x
drupal / drupal 4.6.2 4.6.2.x
drupal / drupal 4.6.3 4.6.3.x
drupal / drupal 4.6.4 4.6.4.x
drupal / drupal 4.6.5 4.6.5.x
drupal / drupal 4.6.6 4.6.6.x
drupal / drupal 4.6.7 4.6.7.x
drupal / drupal 4.6.8 4.6.8.x
drupal / drupal 4.6.9 4.6.9.x
drupal / drupal 4.7 4.7.x
drupal / drupal 4.7_rev_1.15 4.7_rev_1.15.x
drupal / drupal 4.7_rev_1.2 4.7_rev_1.2.x
drupal / drupal 4.7.1 4.7.1.x
drupal / drupal 4.7.10 4.7.10.x
drupal / drupal 4.7.2 4.7.2.x
drupal / drupal 4.7.3 4.7.3.x
drupal / drupal 4.7.4 4.7.4.x
drupal / drupal 4.7.5 4.7.5.x
drupal / drupal 4.7.6 4.7.6.x
drupal / drupal 4.7.7 4.7.7.x
drupal / drupal 4.7.8 4.7.8.x
drupal / drupal 4.7.9 4.7.9.x
drupal / drupal 5.0 5.0.x
drupal / drupal 5.1 5.1.x
drupal / drupal 5.1_rev1.1 5.1_rev1.1.x
drupal / drupal 5.2 5.2.x
drupal / drupal 5.3 5.3.x
drupal / drupal 5.4 5.4.x
drupal / drupal 5.5. 5.5..x