Multiple cross-site request forgery (CSRF) vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) enable or (2) disable modules or (3) change variables via unspecified vectors.
References
Configurations
History
No history.
Information
Published : 2015-04-21 16:59
Updated : 2024-02-28 12:20
NVD link : CVE-2015-3356
Mitre link : CVE-2015-3356
CVE.ORG link : CVE-2015-3356
JSON object : View
Products Affected
tadaa\!_project
- tadaa\!
CWE
CWE-352
Cross-Site Request Forgery (CSRF)