CVE-2015-4390 in User Import Moduleالمعلومات

الملخص

بحسب MITRE

Multiple cross-site request forgery (CSRF) vulnerabilities in the User Import module 6.x-4.x before 6.x-4.4 and 7.x-2.x before 7.x-2.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) continue or (2) delete an ongoing import via unspecified vectors.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

05/06/2015

إفشاء

15/06/2015

الاعتدال

تمت الموافقة

إدخال

VDB-75939

EPSS

0.00656

KEV

لا

النشاطات

منخفض جدًا

المصادر

Want to stay up to date on a daily basis?

Enable the mail alert feature now!