CSRF Vulnerability in Watchdog Aggregator Module for Drupal
CVE-2015-4355

Currently unrated

Key Information:

Vendor: Watchdog Aggregator Project
Status: Watchdog Aggregator
Vendor: CVE Published:; 15 June 2015

🔔 Create Watchdog Aggregator Project Vulnerability Alert

What is CVE-2015-4355?

A Cross-Site Request Forgery (CSRF) vulnerability in the Watchdog Aggregator module for Drupal allows unauthorized remote attackers to exploit administrator session tokens. This could lead to unauthorized actions such as enabling or disabling the monitoring of sites without the administrator's consent or knowledge, which can compromise the integrity of the website. Users are recommended to apply security patches and evaluate their site configurations to mitigate potential risks.

References

http://www.securityfocus.com/bid/72810

vdb-entryx_refsource_BID

http://www.openwall.com/lists/oss-security/2015/04/25/6

mailing-listx_refsource_MLIST

https://www.drupal.org/node/2437993

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2015
Vulnerability Reserved
Jun 5, 2015