CVE-2015-3349
The CVE-2015-3349 entry concerns Drupal’s Htaccess module (7.x-2.x) with CSRF flaws that allow remote attackers to hijack administrator sessions to deploy or delete an .htaccess file. Affected: Htaccess module for Drupal 7.x, prior to 7.x-2.3. Root cause: Cross-site request forgery in the module’...