CVE-2008-1977

Drupal i18n <5.x-2.3 & 6.x-1.0 - CSRF

Title source: llm

Description

Cross-site request forgery (CSRF) vulnerability in the Internationalization (i18n) Drupal module 5.x before 5.x-2.3 and 5.x-1.1, and 6.x before 6.x-1.0 beta 1, allows remote attackers to change node translation relationships via unspecified vectors.

References (5)

[Patch, Third Party Advisory] http://drupal.org/node/250344

[Third Party Advisory] http://secunia.com/advisories/29961

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/28916

[Permissions Required] http://www.vupen.com/english/advisories/2008/1352/references

[VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/41982

Scores

EPSS 0.0022

EPSS Percentile 43.9%

Classification

CWE

CWE-352

Status draft

Affected Products (23)

localizer_project/localizer

... and 8 more

Timeline

Published Apr 27, 2008

Tracked Since Feb 18, 2026