2 matches found
CVE-2015-3351
Multiple cross-site request forgery CSRF vulnerabilities in the Log Watcher module before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that 1 enable, 2 disable, or 3 delete a report via unspecified vectors...
CVE-2015-3351
CVE-2015-3351 affects the Drupal Log Watcher module (6.x-1.x) before 6.x-1.2. The issue is a CSRF vulnerability in the report administration links that can allow an attacker to trigger actions (enable, disable, or delete a report) on behalf of an authenticated administrator, effectively hijacking...