2 matches found
CVE-2015-3366
Cross-site request forgery CSRF vulnerability in the Alfresco module before 6.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete an alfresco node via unspecified vectors...
CVE-2015-3366
CVE-2015-3366 describes a CSRF vulnerability in the Drupal Alfresco module prior to 6.x-1.3. Affected component: Alfresco module (Drupal integration). Root cause: CSRF protection gaps allow remote attackers to perform actions on behalf of authenticated users, potentially deleting an Alfresco node...