Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Comment Mail 5.x before 5.x-1.1, a module for Drupal, allow remote attackers to hijack the authentication of administrators...

CVE-2008-6384

Multiple cross-site request forgery CSRF vulnerabilities in Comment Mail 5.x before 5.x-1.1, a module for Drupal, allow remote attackers to hijack the authentication of administrators...

CVE-2008-6384

Multiple cross-site request forgery CSRF vulnerabilities in Comment Mail 5.x before 5.x-1.1, a module for Drupal, allow remote attackers to hijack the authentication of administrators...

CVE-2008-6384

CVE-2008-6384 affects the Drupal module Comment Mail 5.x; prior to version 5.x-1.1 it contains multiple CSRF vulnerabilities that allow remote attackers to hijack administrator authentication. The affected component is the Comment Mail 5.x module for Drupal; root cause and exact exploit details a...

SA-2008-070 - Comment Mail - Cross site request forgery

The Comment Mail module allows an email to be sent to the site administrators when new comments are posted. Links in the email allow for quick approval, editing, deletion of the comment and/or banning of the poster's IP address. Unfortunately some links are vulnerable to cross site request...