1 results (0.001 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-4350

https://notcve.org/view.php?id=CVE-2015-4350

Multiple cross-site request forgery (CSRF) vulnerabilities in the Spider Catalog module for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete (1) products, (2) ratings, or (3) categories via unspecified vectors. Múltiples vulnerabilidades de CSRF en el módulo Spider Catalog para Drupal permiten a atacantes remotos secuestrar la autenticación de administradores para solicitudes que eliminan (1) productos, (2) calificaciones o (3) categorías a través de vectores no especificados. • http://www.openwall.com/lists/oss-security/2015/04/25/6 http://www.securityfocus.com/bid/72798 https://www.drupal.org/node/2437977 • CWE-352: Cross-Site Request Forgery (CSRF) •