3 matches found
CVE-2013-0320
Cross-site request forgery CSRF vulnerability in the Taxonomy Manager taxonomymanager module 6.x-2.x before 6.x-2.2 and 7.x-1.x before 7.x-1.0-rc1 for Drupal allows remote attackers to hijack the authentication of users with 'administer taxonomy' permissions via unspecified vectors...
CVE-2013-0320
The CVE-2013-0320 issue affects the Drupal Taxonomy Manager module (taxonomy_manager). A CSRF vulnerability arises because POST requests are not sufficiently verified, enabling remote attackers to hijack the authentication of users with ‘administer taxonomy’ permissions via unspecified vectors. A...
SA-CONTRIB-2013-018 - Taxonomy Manager - Cross Site Request Forgery (CSRF)
The Taxonomy Manager provides an advanced interface for administrating taxonomy vocabularies. The module doesn't sufficiently verify POST requests thereby exposing a Cross Site Request Forgery vulnerability. This vulnerability is mitigated by the fact that an attacker must trick a user with...