CSRF Vulnerability in Node Template Module for Drupal Allows Unauthorized Deletion of Node Templates

CSRF Vulnerability in Node Template Module for Drupal Allows Unauthorized Deletion of Node Templates

CVE-2015-4397 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the Node Template module for Drupal allows remote attackers to hijack the authentication of users with the "access node template" permission for requests that delete node templates via unspecified vectors.

Learn more about our User Device Pen Test.