Lucene search
K

4 matches found

NVD
NVD
added 2015/04/21 4:59 p.m.18 views

CVE-2015-3355

Multiple cross-site request forgery CSRF vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that 1 delete a batch job record or 2 execute a task via unspecified vectors...

6.8CVSS7.4AI score0.00656EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/04/21 4:0 p.m.23 views

CVE-2015-3355

Multiple cross-site request forgery CSRF vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that 1 delete a batch job record or 2 execute a task via unspecified vectors...

7.4AI score0.00656EPSS
Exploits0References5
CVE
CVE
added 2015/04/21 4:0 p.m.45 views

CVE-2015-3355

The CVE-2015-3355 entry concerns CSRF in the Drupal Batch Jobs module (7.x, pre-1.2). Exploitation could allow remote attackers to hijack a user’s session to perform actions such as deleting a batch job or executing a task via crafted requests, as documented by multiple sources including DRUPAL-S...

6.8CVSS7.6AI score0.00656EPSS
Exploits0References5Affected Software1
Drupal
Drupal
added 2015/01/07 12:0 a.m.22 views

SA-CONTRIB-2015-008 - Batch Jobs - Cross Site Request Forgery (CSRF)

The Batch Jobs project is a scalable way to execute a list of tasks. Links that take actions on batch jobs are not protected from Cross Site Request Forgery CSRF. A malicious individual could cause a user that has permission to access a particular batch job or an administrator to delete the recor...

6.8CVSS6.9AI score0.00656EPSS
Exploits0References9
Rows per page
Query Builder