CVE-2008-3220
Published: 18 July 2008
Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."
Priority
Status
Package | Release | Status |
---|---|---|
drupal Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
feisty |
Ignored
(end of life, was needs-triage)
|
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
upstream |
Released
(5.8)
|
|
drupal5 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
feisty |
Does not exist
|
|
gutsy |
Ignored
(end of life, was needs-triage)
|
|
hardy |
Released
(5.7-1ubuntu1.1)
|
|
intrepid |
Not vulnerable
(5.9-1ubuntu1)
|
|
jaunty |
Not vulnerable
(5.9-1ubuntu1)
|
|
karmic |
Not vulnerable
(5.9-1ubuntu1)
|
|
upstream |
Released
(5.8)
|