CVE-2008-6909

Name of the Vulnerable Software and Affected Versions: Drupal module Services versions 5.x before 5.x-0.92 Drupal module Services versions 6.x before 6.x-0.13

Description: The issue is related to the module not signing all required data in requests, which could allow remote attackers to impersonate other users and gain privileges, possibly through man-in-the-middle attacks that modify critical data.

Recommendations: For versions 5.x before 5.x-0.92, update to version 5.x-0.92 or later to resolve the issue. For versions 6.x before 6.x-0.13, update to version 6.x-0.13 or later to resolve the issue.