Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x prior to 7.x-1.3 for Drupal allow remote malicious users to hijack the authentication of administrators for requests that (1) enable a server via a server action or (2) enable a search index via an enable index action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thomas_seidl search_api 7.x-1.0 |
||
thomas_seidl search_api 7.x-1.x |
||
thomas_seidl search_api 7.x-1.2 |
||
thomas_seidl search_api 7.x-1.1 |