| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-site request forgery (CSRF) vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors. |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Log Watcher module before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable, (2) disable, or (3) delete a report via unspecified vectors. |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Jammer module before 6.x-1.8 and 7.x-1.x before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrators for requests that delete a setting for (1) hidden form elements or (2) status messages via unspecified vectors, related to "report administration." |
| Cross-site request forgery (CSRF) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete wishlist purchase intentions via unspecified vectors. |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that (1) delete a batch job record or (2) execute a task via unspecified vectors. |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) enable or (2) disable modules or (3) change variables via unspecified vectors. |
| Cross-site request forgery (CSRF) vulnerability in the Contact Form Fields module before 6.x-2.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete fields via unspecified vectors. |
| Cross-site request forgery (CSRF) vulnerability in the Alfresco module before 6.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete an alfresco node via unspecified vectors. |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Patterns module before 7.x-2.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) restore, (2) publish, or (3) unpublish a pattern via unspecified vectors. |
| Cross-site request forgery (CSRF) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the authentication of users with the "node_invite_can_manage_invite" permission for requests that re-enable node invitations via unspecified vectors. |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Corner module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable corners via unspecified vectors. |
| Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors. |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Feature Set module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable a module via unspecified vectors. |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Node basket module for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add or (2) remove nodes from a basket via unspecified vectors. |
| Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete the user's configured bank accounts via unspecified vectors. |
| Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721. |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with software 2.2(1.106) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90724. |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Serial Gateway devices with software 1.0(1.42) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90728. |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Advanced Media Gateway devices with software 1.1(1.40) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90732. |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP Gateway devices with software 2.0(3.34) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90734. |
