Vulnerabilities
Vulnerable Software
The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology and OSF Import modules are enabled, allows user-assisted remote attackers to delete arbitrary files via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.02
Published
2015-09-17
Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors.
CVSS Score
5.1
EPSS Score
0.005
Published
2015-09-17
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
2.6
EPSS Score
0.009
Published
2015-09-17


Contact Us

Shodan ® - All rights reserved