Niif » Shibboleth Authentication : Security Vulnerabilities, CVEs, (CSRF)
Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors.
Max CVSS
5.8
EPSS Score
0.23%
Published
2015-04-21
Updated
2016-12-06
1 vulnerabilities found