Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52176

Name of the Vulnerable Software and Affected Versions Drupal Salesforce Suite versions 0.0.0 through 5.1.3 Description A Cross-Site Request Forgery CSRF issue exists where the software fails to properly validate the OAuth handshake during interactive authentication. This allows an attacker to...

6AI score0.00097EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.12 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

7.1CVSS5.5AI score0.00121EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:31 a.m.14 views

EUVD-2026-29373

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

7.1CVSS5.8AI score0.00121EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 4:16 a.m.19 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

7.1CVSS0.00121EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 4:6 a.m.8 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

7.1CVSS5.8AI score0.00121EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:6 a.m.8 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

7.1CVSS5.8AI score0.00121EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 4:6 a.m.23 views

CVE-2026-45430

CVE-2026-45430 affects the Salesforce module for Backdrop CMS (vulnerable: 1.x-1.0.0 and earlier; fixed in 1.x-1.0.1 or later). The root cause is the module not properly using a random state parameter to protect the OAuth-like authorization flow, leaving it susceptible to CSRF attacks. The CVSSv3...

7.1CVSS5.8AI score0.00121EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 4:6 a.m.41 views

CVE-2026-45430

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

7.1CVSS0.00121EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.22 views

PT-2026-39931

The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF attacks...

7.1CVSS5.8AI score0.00121EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in prodigy-salesforce-module (npm)

The package prodigy-salesforce-module was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.5 views

MAL-2025-29707 Malicious code in prodigy-salesforce-module (npm)

The package prodigy-salesforce-module was found to contain malicious code...

7.2AI score
Exploits0
Rows per page
Query Builder