CVE-2015-3388
CVE-2015-3388 affects Drupal’s Commerce Balanced Payments module. A CSRF flaw allows an attacker to hijack a user’s session to trigger requests that delete the user’s configured bank accounts via unspecified vectors. Public advisories indicate CSRF (and related XSS) in Commerce Balanced Payments ...