Vulnerability Details CVE-2008-6169
Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x before 5.x-1.1 and 6.x before 6.x-1.6 and the Localization server 5.x before 5.x-1.0-alpha5 and 6.x before 6.x-alpha2, modules for Drupal, allows remote attackers to perform unauthorized actions as administrators via unspecified vectors related to the "local translation submission interface."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.0%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2008-6169
-
cpe:2.3:a:drupal:localization_client:*
-
cpe:2.3:a:drupal:localization_client:5.x-1.xdev
-
cpe:2.3:a:drupal:localization_client:6.x-1.0
-
cpe:2.3:a:drupal:localization_client:6.x-1.1
-
cpe:2.3:a:drupal:localization_client:6.x-1.2
-
cpe:2.3:a:drupal:localization_client:6.x-1.3
-
cpe:2.3:a:drupal:localization_client:6.x-1.4
-
cpe:2.3:a:drupal:localization_client:6.x-1.xdev
-
cpe:2.3:a:drupal:localization_server:*
-
cpe:2.3:a:drupal:localization_server:5.x-1.0alpha1
-
cpe:2.3:a:drupal:localization_server:5.x-1.0alpha2
-
cpe:2.3:a:drupal:localization_server:5.x-1.0alpha3
-
cpe:2.3:a:drupal:localization_server:5.x-1.xdev
-
cpe:2.3:a:drupal:localization_server:6.x-1.xdev