CVE-2015-4352

Cross-site request forgery (CSRF) vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
VendorProductVersion
web-doradoweb-dorado_spider_video_player
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2015/04/25/6
http://www.securityfocus.com/bid/72817
https://www.drupal.org/node/2437981
http://www.openwall.com/lists/oss-security/2015/04/25/6
http://www.securityfocus.com/bid/72817
https://www.drupal.org/node/2437981