1 results (0.012 seconds)

CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0

Multiple cross-site request forgery (CSRF) vulnerabilities in the SimpleMeta module 6.x-1.x before 6.x-2.0 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) delete or (2) add a meta tag entry. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF)en el módulo SimpleMeta v6.x-1.x anteriores a v6.x-2.0 para Drupal, permite a atacantes remotos secuestrar la autenticación de los administradores para peticiones de (1) borrado o (2) añadir una entrada "meta tag". • http://drupal.org/node/1534874 http://drupal.org/node/1632908 http://www.openwall.com/lists/oss-security/2012/06/14/3 http://www.securityfocus.com/bid/53997 https://exchange.xforce.ibmcloud.com/vulnerabilities/76344 • CWE-352: Cross-Site Request Forgery (CSRF) •