Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Civicrm Subscribe
Filtered by product Civicrm Private Report
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4391 1 Civicrm 1 Civicrm Private Report 2016-06-09 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in the CiviCRM private report module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of users for requests that delete reports via unspecified vectors.