CVE-2015-4391 in CiviCRM Private Report Module信息

摘要

由 VulDB • 2026-07-12

Drupal的CiviCRM私有报告模块(版本在6.x-1.2之前的6.x-1.x系列以及7.x-1.3之前的7.x-1.x系列)中存在跨站请求伪造(CSRF)漏洞,远程攻击者可通过未指定的途径劫持用户身份验证,从而删除报表。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!