CVE

Id
81638  
CVE No.
CVE-2015-4361  
Status
Candidate  
Description
Cross-site request forgery (CSRF) vulnerability in the Registration codes module before 6.x-1.6 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete registration codes via unspecified vectors.  
Phase
Assigned (20150605)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
733234 81638 CVE-2015-4361 MLIST:[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)  View
733235 81638 CVE-2015-4361 URL:http://www.openwall.com/lists/oss-security/2015/04/25/6  View
733236 81638 CVE-2015-4361 MISC:https://www.drupal.org/node/2445955  View
733237 81638 CVE-2015-4361 CONFIRM:https://www.drupal.org/node/2446157  View
733238 81638 CVE-2015-4361 BID:72961  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
7942 JVNDB-2015-003262 WordPress 用 Nextend Facebook Connect プラグインの nextend-facebook-connect.php におけるクロスサイトスクリプティングの脆弱性 WordPress 用 Nextend Facebook Connect プラグインの nextend-facebook-connect.php の new_fb_sign_button 関数には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2015-4413 81638 4.3 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-003262.html  View