CVE-2015-3380
CVE-2015-3380 concerns the Drupal Feature Set contributed module. A CSRF flaw allows remote attackers to cause an administrator to enable or disable modules via crafted requests, compromising admin actions. Affected: Feature Set module for Drupal (all versions prior to fixed release). Root cause:...