CVE-2007-5594
CVE-2007-5594 concerns Drupal 5.x before 5.3, where the Drupal Forms API protection is not applied to the user deletion form. This allows remote attackers to delete users via a cross-site request forgery (CSRF) attack. The connected advisories document an upgrade to Drupal 5.3 (e.g., Fedora-2007-...