5 matches found
EUVD-2012-2102
Malware in sbrugna...
CVE-2012-2097
Cross-site request forgery CSRF vulnerability in the Autosave module 6.x before 6.x-2.10 and 7.x-2.x before 7.x-2.0 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests involving "submitting saved results to a node."...
CVE-2012-2097
Cross-site request forgery CSRF vulnerability in the Autosave module 6.x before 6.x-2.10 and 7.x-2.x before 7.x-2.0 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests involving "submitting saved results to a node."...
CVE-2012-2097
CVE-2012-2097 describes a Cross-site request forgery (CSRF) vulnerability in the Drupal Autosave module. Affects: Autosave 6.x versions prior to 6.x-2.10 and 7.x versions prior to 7.x-2.0. Root cause: insufficient protection against submission of saved results to a node, enabling remote attackers...
SA-CONTRIB-2012-059 - Autosave - Cross Site Request Forgery
CVE: CVE-2012-2097 This module enables snapshots of your node edit form to be saved in the background while you are editing to help prevent the data from being lost. The module doesn't sufficiently protect against a user being tricked into submitting saved results to a node. Versions affected...