Cross-site request forgery (CSRF) vulnerability in the Webform Multiple File Upload module 6.x-1.x prior to 6.x-1.3 and 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to hijack the authentication of certain users for requests that delete files via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webform multiple file upload project webform multiple file upload 6.x-1.1 |
||
webform multiple file upload project webform multiple file upload 6.x-1.2 |
||
webform multiple file upload project webform multiple file upload 7.x-1.x |
||
webform multiple file upload project webform multiple file upload 7.x-1.2 |
||
webform multiple file upload project webform multiple file upload 6.x-1.0 |