MidnightBSD

Advisories for decisions_project

CVE-2015-4383 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the Decisions module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that remove individual voters via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
decisions_project decisions 6.x-1.1