PT-2009-1644 · Drupal · Localization Client+2

Published: 2009-02-19 · Updated: 2017-08-17 · CVE-2008-6169

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Localization client versions 5.x through 5.x-1.1
Localization client versions 6.x through 6.x-1.6
Localization server versions 5.x through 5.x-1.0-alpha5
Localization server versions 6.x through 6.x-alpha2

Description

A cross-site request forgery (CSRF) issue exists in the Localization client and server modules for Drupal. This allows remote attackers to perform unauthorized actions as administrators via vectors related to the local translation submission interface.

Recommendations

For Localization client versions 5.x through 5.x-1.1, update to version 5.x-1.1 or later.
For Localization client versions 6.x through 6.x-1.6, update to version 6.x-1.6 or later.
For Localization server versions 5.x through 5.x-1.0-alpha5, update to version 5.x-1.0-alpha5 or later.
For Localization server versions 6.x through 6.x-alpha2, update to version 6.x-alpha2 or later.

Fix

CSRF

Weakness Enumeration

Related identifiers

CVE-2008-6169

Affected products

Drupal
Localization Client
Localization Server