Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1568

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2015-1568
Last Modified 09 Feb 2015 02:26:51
Published 09 Feb 2015 12:59:13
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2015-1568

Summary

Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scroll settings" permission for requests that delete settings via unspecified vectors.

Vulnerable Systems

Application

  • Studio.gd Gd Infinite Scroll 7.x-1.3


References

CONFIRM - https://www.drupal.org/node/2415219

MISC - https://www.drupal.org/node/2415885

XF - drupal-gdinfinitescroll-csrf(100628)


Last Updated: 27 May 2016 11:07:44