Drupal OpenLucius module cross-site request forgery vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.OpenLucius is one of the work management platforms for social communication, documentation and projects. A cross-site request forgery vulnerability exists in the Drupal OpenLucius modul...

Drupal OpenLucius Module Cross-Site Scripting Vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.OpenLucius is one of the work management platforms for social communication, documentation and projects. A cross-site scripting vulnerability exists in the Drupal OpenLucius module. An...

OpenLucius - Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2017-004

OpenLucius is a work management platform for social communication, documentation, and projects. The distribution doesn't sufficiently use tokens when marking messages for users as read thereby exposing a Cross Site Request Forgery CSRF vulnerability. The distribution does not sufficiently filter...