4 matches found
CVE-2015-3355
Multiple cross-site request forgery CSRF vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that 1 delete a batch job record or 2 execute a task via unspecified vectors...
CVE-2015-3355
Multiple cross-site request forgery CSRF vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that 1 delete a batch job record or 2 execute a task via unspecified vectors...
CVE-2015-3355
The CVE-2015-3355 entry concerns CSRF in the Drupal Batch Jobs module (7.x, pre-1.2). Exploitation could allow remote attackers to hijack a user’s session to perform actions such as deleting a batch job or executing a task via crafted requests, as documented by multiple sources including DRUPAL-S...
SA-CONTRIB-2015-008 - Batch Jobs - Cross Site Request Forgery (CSRF)
The Batch Jobs project is a scalable way to execute a list of tasks. Links that take actions on batch jobs are not protected from Cross Site Request Forgery CSRF. A malicious individual could cause a user that has permission to access a particular batch job or an administrator to delete the recor...