CVE-2015-3356

Multiple cross-site request forgery (CSRF) vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) enable or (2) disable modules or (3) change variables via unspecified vectors.
Configurations

Configuration 1 (hide)

cpe:2.3:a:tadaa\!_project:tadaa\!:*:*:*:*:*:drupal:*:*

History

No history.

Information

Published : 2015-04-21 16:59

Updated : 2024-02-28 12:20


NVD link : CVE-2015-3356

Mitre link : CVE-2015-3356

CVE.ORG link : CVE-2015-3356


JSON object : View

Products Affected

tadaa\!_project

  • tadaa\!
CWE
CWE-352

Cross-Site Request Forgery (CSRF)