Unrated severityNVD Advisory· Published Mar 2, 2009· Updated Jun 16, 2026
CVE-2008-6384
CVE-2008-6384
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Comment Mail 5.x before 5.x-1.1, a module for Drupal, allow remote attackers to hijack the authentication of administrators.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:drupal:comment_mail:5.x-0.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:drupal:comment_mail:5.x-0.1:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:comment_mail:5.x-1.0:*:*:*:*:*:*:*
- cpe:2.3:a:drupal:comment_mail:5.x-1.0:beta:*:*:*:*:*:*
- cpe:2.3:a:drupal:comment_mail:5.x-1.x:dev:*:*:*:*:*:*
- (no CPE)range: <5.x-1.1
Patches
Vulnerability mechanics
References
4- drupal.org/node/339495nvdPatchVendor Advisory
- secunia.com/advisories/32905nvdVendor Advisory
- osvdb.org/50206nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46944nvd
News mentions
0No linked articles in our index yet.