Structured Dynamics » Open Semantic Framework : Security Vulnerabilities, CVEs,

CVE-2015-7234

The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology and OSF Import modules are enabled, allows user-assisted remote attackers to delete arbitrary files via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.19%
Published
2015-09-17
Updated
2015-09-23

CVE-2015-7233

Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors.
Max CVSS
5.1
EPSS Score
0.08%
Published
2015-09-17
Updated
2015-09-18

CVE-2015-7232

Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
2.6
EPSS Score
0.11%
Published
2015-09-17
Updated
2015-09-18
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close