2 matches found
CVE-2015-3352
The Jammer module for Drupal is affected by CVE-2015-3352. A CSRF weakness in Jammer 6.x-1.x (before 6.x-1.8) and 7.x-1.x (before 7.x-1.4) lets an attacker cause an administrator to perform actions that delete settings for (1) hidden form elements or (2) status messages via the report administrat...
SA-CONTRIB-2015-012 - Jammer - Cross Site Request Forgery (CSRF)
This module enables you to hide or remove items from displaying including the node and comment preview buttons, node delete button, revision log textarea, workflow form on the workflow tab, and feed icon. The report administration links are not properly protected from CSRF. A malicious user could...