PT-2015-6532 · Drupal · Drupal Spider Catalog Module
Pere Orga
·
Publicado
2015-06-15
·
Atualizado
2016-06-09
·
CVE-2015-4350
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Drupal Spider Catalog module (affected versions not specified)
Description
The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the Spider Catalog module for Drupal. These vulnerabilities allow remote attackers to hijack the authentication of administrators for requests, enabling them to delete products, ratings, or categories via unspecified vectors.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Drupal Spider Catalog Module