CVE

Id
80632  
CVE No.
CVE-2015-3355  
Status
Candidate  
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the Batch Jobs module before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of certain users for requests that (1) delete a batch job record or (2) execute a task via unspecified vectors.  
Phase
Assigned (20150421)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
729158 80632 CVE-2015-3355 MLIST:[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015  View
729159 80632 CVE-2015-3355 URL:http://www.openwall.com/lists/oss-security/2015/01/29/6  View
729160 80632 CVE-2015-3355 MISC:https://www.drupal.org/node/2402839  View
729161 80632 CVE-2015-3355 MISC:https://www.drupal.org/node/2403451  View
729162 80632 CVE-2015-3355 BID:71954  View
729163 80632 CVE-2015-3355 URL:http://www.securityfocus.com/bid/71954  View
729164 80632 CVE-2015-3355 BID:72114  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
7417 JVNDB-2015-002737 Module::Signature におけるファイルの署名の検証を回避される脆弱性 Module::Signature には、ファイルの署名の検証を回避される脆弱性が存在します。 CVE-2015-3407 80632 5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002737.html  View