2 matches found
CVE-2015-3350
The CVE-2015-3350 issue affects the Drupal Todo Filter module, not Drupal core. Affected: Todo Filter 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.1. Root cause: cross-site request forgery (CSRF) that lets remote attackers hijack a user’s authenticated session to toggle a task via unspecified ...
CVE-2015-3350
Cross-site request forgery CSRF vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors...