CVE-2008-1981
E-Publish < 5.x-1.1 and < 6.x-1.0 beta1 - Cross-Site Request Forgery
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to perform unauthorized actions as other users via unspecified vectors.
References (4)
Core 4
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29960
Permissions Required vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1353/references
Patch, Third Party Advisory x_refsource_confirm
http://drupal.org/node/250408
Tool Signature, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41978
Scores
EPSS
0.0072
EPSS Percentile
49.5%
Details
CWE
CWE-352
Status
published
Products (3)
e-publish_project/e-publish
5.x-1.0
e-publish_project/e-publish
5.x-1.x dev
e-publish_project/e-publish
6.x-1.x dev
Published
Apr 27, 2008
Tracked Since
Feb 18, 2026