Drupal - Feature Module CVE

Filtered by vendor Drupal Subscribe

Filtered by product Feature Module

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2007-6320	1 Drupal	1 Feature Module	2024-02-04	4.3 MEDIUM	N/A
Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks.

Vulnerabilities (CVE)