CVE-2015-4391 in CiviCRM Private Report Moduleinfo

Zusammenfassung

von MITRE

Cross-site request forgery (CSRF) vulnerability in the CiviCRM private report module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of users for requests that delete reports via unspecified vectors.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

05.06.2015

Veröffentlichung

15.06.2015

Moderieren

akzeptiert

Eintrag

VDB-75940

CPE

bereit

EPSS

0.00656

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!