Cross-site request forgery (CSRF) vulnerability in the CiviCRM private report module 6.x-1.x prior to 6.x-1.2 and 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to hijack the authentication of users for requests that delete reports via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
civicrm civicrm private report 7.x-1.2 |
||
civicrm civicrm private report 6.x-1.0 |
||
civicrm civicrm private report 6.x-1.1 |
||
civicrm civicrm private report 7.x-1.0 |
||
civicrm civicrm private report 7.x-1.1 |