2 matches found
CVE-2015-4379
Cross-site request forgery CSRF vulnerability in the Webform Multiple File Upload module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of certain users for requests that delete files via unspecified vectors...
CVE-2015-4379
CVE-2015-4379 affects the Drupal Webform Multiple File Upload module (versions 6.x-1.x prior to 6.x-1.3 and 7.x-1.x prior to 7.x-1.3). The underlying issue is a CSRF vulnerability that allows remote attackers to hijack the authentication of certain users to perform file-deletion actions via unspe...