Description
Cross-site request forgery (CSRF) vulnerability in the Localization client 5.x before 5.x-1.1 and 6.x before 6.x-1.6 and the Localization server 5.x before 5.x-1.0-alpha5 and 6.x before 6.x-alpha2, modules for Drupal, allows remote attackers to perform unauthorized actions as administrators via unspecified vectors related to the "local translation submission interface."
Affected products
- Drupal / localization_client5.x-1.0
- Drupal / localization_client5.x-1.xdev – 5.x-1.xdev
- Drupal / localization_client6.x-1.0 – 6.x-1.0
- Drupal / localization_client6.x-1.1 – 6.x-1.1
- Drupal / localization_client6.x-1.2 – 6.x-1.2
- Drupal / localization_client6.x-1.3 – 6.x-1.3
- Drupal / localization_client6.x-1.4 – 6.x-1.4
- Drupal / localization_client6.x-1.xdev – 6.x-1.xdev
- Drupal / localization_server5.x-1.0alpha4
- Drupal / localization_server5.x-1.0alpha1 – 5.x-1.0alpha1
- Drupal / localization_server5.x-1.0alpha2 – 5.x-1.0alpha2
- Drupal / localization_server5.x-1.0alpha3 – 5.x-1.0alpha3
- Drupal / localization_server5.x-1.xdev – 5.x-1.xdev
- Drupal / localization_server6.x-1.xdev – 6.x-1.xdev