PT-2015-6579 · Drupal · Drupal Node Template Module
Pere Orga
·
Publicado
2015-06-15
·
Atualizado
2015-06-16
·
CVE-2015-4397
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Drupal Node Template module (affected versions not specified)
Description
A cross-site request forgery (CSRF) issue exists, allowing remote attackers to hijack user authentication for requests that delete node templates. This affects users with the "access node template" permission.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Drupal Node Template Module