CVSS: 4.3EPSS: 0%CPEs: 23EXPL: 0CVE-2008-1977
https://notcve.org/view.php?id=CVE-2008-1977
Cross-site request forgery (CSRF) vulnerability in the Internationalization (i18n) Drupal module 5.x before 5.x-2.3 and 5.x-1.1, and 6.x before 6.x-1.0 beta 1, allows remote attackers to change node translation relationships via unspecified vectors. Vulnerabilidad falsificación de petición (CSRF) en el módulo de Drupal Internationalization (i18n) 5.x anteriores a 5.x-2.3 y 5.x-1.1, y 6.x anteriores a 6.x-1.0 beta 1, permite a atacantes remotos cambiar relaciones de traducción de nodos mediante vectores no especificados. • http://drupal.org/node/250344 http://secunia.com/advisories/29961 http://www.securityfocus.com/bid/28916 http://www.vupen.com/english/advisories/2008/1352/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41982 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 23EXPL: 0CVE-2008-1976
https://notcve.org/view.php?id=CVE-2008-1976
Multiple cross-site scripting (XSS) vulnerabilities in the Drupal modules (1) Internationalization (i18n) 5.x before 5.x-2.3 and 5.x-1.1 and 6.x before 6.x-1.0 beta 1; and (2) Localizer 5.x before 5.x-3.4, 5.x-2.1, and 5.x-1.11; allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de secuencias de órdenes en sitios cruzados (XSS) en los módulos de Drupal (1) Internacionalización (i18n) 5.x anteriores a 5.x-2.3 y 5.x-1.1 y 5.x anteriores a 6.x-1.0 beta 1; y (2) Localizador 5.x anteriores a 5.x-3.4, 5.x-2.1, y 5.x-1 permiten a atacantes remotos inyectar 'script' web o HTML de su elección mediante vectores no especificados. • http://drupal.org/node/250344 http://secunia.com/advisories/29961 http://www.securityfocus.com/bid/28916 http://www.vupen.com/english/advisories/2008/1352/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41977 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •