[Security-news] SA-CONTRIB-2010-035: Smileys - Cross Site Request Forgery

2 views
Skip to first unread message

securi...@drupal.org

unread,
Apr 7, 2010, 6:10:42 PM4/7/10
to securi...@drupal.org
* Advisory ID: DRUPAL-SA-CONTRIB-2010-035
* Project: Smileys (third-party module)
* Versions: 5.x
* Date: 2010-April-07
* Security risk: Less Critical
* Exploitable from: Remote
* Vulnerability: Cross-site Request Forgery

-------- DESCRIPTION
---------------------------------------------------------

The Smileys module provides a text filter that substitutes emoticons with
images. The module is vulnerable to cross-site request forgeries (CSRF [1])
via the URL used to delete smileys. A user with "administer smileys"
permission could be tricked into visiting the smiley delete URL and
unwittingly remove smileys from the site.

-------- VERSIONS AFFECTED
---------------------------------------------------

* Smileys module for Drupal 5.x version prior to 5.x-1.2 [2].

*Note that Smileys version 6.x-1.0-alpha5 and earlier versions for Drupal 6.x
are also affected. However, the security team does not provide support for
alpha releases.* Drupal core is not affected. If you do not use the
contributed Smileys module, there is nothing you need to do.
-------- SOLUTION
------------------------------------------------------------

Install the latest version.

* If you use the Smileys module for Drupal 5.x-1.x upgrade to Smileys
5.x-1.2 [3]

See also the Smileys project page [4].
-------- REPORTED BY
---------------------------------------------------------

* Andrey Tretyakov [5]

-------- FIXED BY
------------------------------------------------------------

* Gurpartap Singh [6], the module maintainer
* mr.baileys [7] of the Drupal security team.

-------- CONTACT
-------------------------------------------------------------

The security team for Drupal can be reached at security at drupal.org or via
the form at http://drupal.org/contact [8].


[1] http://en.wikipedia.org/wiki/Csrf
[2] http://drupal.org/node/764826
[3] http://drupal.org/node/764826
[4] http://drupal.org/project/smileys
[5] http://drupal.org/user/169459
[6] http://drupal.org/user/41470
[7] http://drupal.org/user/383424
[8] http://drupal.org/contact

_______________________________________________
Security-news mailing list
Securi...@drupal.org
http://lists.drupal.org/mailman/listinfo/security-news

Reply all
Reply to author
Forward
0 new messages