CVE-2008-0271

Name of the Vulnerable Software and Affected Versions BUEditor versions 4.7.x through 4.7.x-1.0 BUEditor versions 5.x through 5.x-1.1

Description The issue allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete custom editor interfaces due to the editor deletion form not following Drupal's Forms API submission model.

Recommendations For BUEditor versions 4.7.x through 4.7.x-1.0, update to version 4.7.x-1.0 or later. For BUEditor versions 5.x through 5.x-1.1, update to version 5.x-1.1 or later.