3 matches found
CVE-2015-3354
Cross-site request forgery CSRF vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete wishlist purchase intentions via unspecified vectors...
CVE-2015-3354
Cross-site request forgery CSRF vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete wishlist purchase intentions via unspecified vectors...
CVE-2015-3354
The CVE-2015-3354 entry concerns the Drupal Wishlist module (versions 6.x-2.x before 6.x-2.7 and 7.x-2.x before 7.x-2.7). The vulnerability is a CSRF flaw that allows remote attackers to hijack the authentication of arbitrary users to perform actions deleting wishlist purchase intentions via unsp...