Drupal Core Multiple Security Vulnerabilities

Drupal is prone to a cross-site request-forgery vulnerability, and multiple security-bypass vulnerabilities.

An attacker can exploit the cross-site request-forgery issue to perform unauthorized actions in the context of a user's session. This may aid in other attacks.

Attackers can exploit the security bypass issues to bypass security restrictions, obtain sensitive information, or perform unauthorized actions; this may aid in launching further attacks.


 

Privacy Statement
Copyright 2010, SecurityFocus