3 matches found
CVE-2015-3363
Cross-site request forgery CSRF vulnerability in the Contact Form Fields module before 6.x-2.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete fields via unspecified vectors...
CVE-2015-3363
CVE-2015-3363 is a CSRF vulnerability in the Drupal Contact Form Fields module prior to 6.x-2.3. It allows an attacker to trick an authenticated administrator into performing actions (notably deleting fields) on behalf of the admin, via unspecified vectors. Affected versions are all before 6.x-2....
CVE-2015-3363
Cross-site request forgery CSRF vulnerability in the Contact Form Fields module before 6.x-2.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete fields via unspecified vectors...