Security Advisory

CVE-2015-4390

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-06-15 14:00:00

Last updated 2024-08-06 06:11:12

Assigner mitre

State PUBLISHED

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the User Import module 6.x-4.x before 6.x-4.4 and 7.x-2.x before 7.x-2.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) continue or (2) delete an ongoing import via unspecified vectors.

← Browse all CVEs View on cve.org ↗