Cross-site request forgery (CSRF) vulnerability in the Aggregator module in
Drupal 6.x before 6.23 and 7.x before 7.11 allows remote attackers to
hijack the authentication of unspecified victims for requests that update
feeds and possibly cause a denial of service (loss of updates due to rate
limit) via unspecified vectors.