CVE-2015-4364 in Campaign Monitor Module信息

摘要

由 MITRE

Multiple cross-site request forgery (CSRF) vulnerabilities in includes/campaignmonitor_lists.admin.inc in the Campaign Monitor module 7.x-1.0 for Drupal allow remote attackers to hijack the authentication of users for requests that (1) enable list subscriptions via a request to admin/config/services/campaignmonitor/lists/%/enable or (2) disable list subscriptions via a request to admin/config/services/campaignmonitor/lists/%/disable.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!