CVE-2012-0826

Cross-site request forgery CSRF vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service loss of updates due to rate limit...

CVE-2012-0826

CVE-2012-0826 is a CSRF vulnerability in Drupal’s Aggregator module affecting Drupal 6.x before 6.23 and 7.x before 7.11. The issue allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and may cause a denial of service via rate-limited updates...

CVE-2012-0826

Cross-site request forgery CSRF vulnerability in the Aggregator module in Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to hijack the authentication of unspecified victims for requests that update feeds and possibly cause a denial of service loss of updates due to rate limit...

CVE-2012-0826

Removed by vendor...

[SECURITY] [DSA 2776-1] drupal6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2776-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 11, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2776-1] drupal6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2776-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 11, 2013 http://www.debian.org/security/faq -...

drupal -- multiple vulnerabilities

Drupal development team reports: Cross Site Request Forgery vulnerability in Aggregator module CVE: CVE-2012-0826 An XSRF vulnerability can force an aggregator feed to update. Since some services are rate-limited e.g. Twitter limits requests to 150 per hour this could lead to a denial of service...