Multiple cross-site request forgery (CSRF) vulnerabilities in the Tadaa! module before 7.x-1.4 for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) enable or (2) disable modules or (3) change variables via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2015-04-21T16:00:00
Updated: 2024-08-06T05:47:57.203Z
Reserved: 2015-04-21T00:00:00
Link: CVE-2015-3356

No data.

Status : Deferred
Published: 2015-04-21T16:59:15.903
Modified: 2025-04-12T10:46:40.837
Link: CVE-2015-3356

No data.