Multiple cross-site request forgery (CSRF) vulnerabilities in the Views UI implementation in the Views module 5.x prior to 5.x-1.8 and 6.x prior to 6.x-2.11 for Drupal allow remote malicious users to hijack the authentication of administrators for requests that (1) enable all Views or (2) disable all Views.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
earl_miles views 5.x-1.0 |
||
earl_miles views 5.x-1.1 |
||
earl_miles views 5.x-1.x |
||
earl_miles views 5.x-1.5 |
||
earl_miles views 5.x-1.6 |
||
earl_miles views 5.x-1.2 |
||
earl_miles views 5.x-1.4 |
||
earl_miles views 5.x-1.7 |
||
earl_miles views 5.x-1.3 |
||
earl_miles views 5.x-1.4-2 |
||
earl_miles views 6.x-2.0 |
||
earl_miles views 6.x-2.3 |
||
earl_miles views 6.x-2.5 |
||
earl_miles views 6.x-3.x |
||
earl_miles views 6.x-2.7 |
||
earl_miles views 6.x-3.0 |
||
earl_miles views 6.x-2.9 |
||
earl_miles views 6.x-2.6 |
||
earl_miles views 6.x-2.x |
||
earl_miles views 6.x-2.8 |
||
earl_miles views 6.x-2.4 |
||
earl_miles views 6.x-2.10 |
||
earl_miles views 6.x-2.2 |
||
earl_miles views 6.x-2.1 |
Vulmon