CVE-2008-1981

E-Publish < 5.x-1.1 and < 6.x-1.0 beta1 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to perform unauthorized actions as other users via unspecified vectors.

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29960
Permissions Required vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1353/references
Patch, Third Party Advisory x_refsource_confirm
http://drupal.org/node/250408
Tool Signature, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41978

Scores

EPSS 0.0072
EPSS Percentile 49.5%

Details

CWE
CWE-352
Status published
Products (3)
e-publish_project/e-publish 5.x-1.0
e-publish_project/e-publish 5.x-1.x dev
e-publish_project/e-publish 6.x-1.x dev
Published Apr 27, 2008
Tracked Since Feb 18, 2026