Description
Cross-site request forgery (CSRF) vulnerability in the Mark Complete module 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
References (4)
Core 4
Core References
Various Sources x_refsource_confirm
https://drupal.org/node/1890566
Various Sources x_refsource_confirm
http://drupalcode.org/project/mark_complete.git/commitdiff/a18c7b2
Vendor Advisory x_refsource_misc
https://drupal.org/node/1890538
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/01/21/5
Scores
EPSS
0.0064
EPSS Percentile
46.5%
Details
CWE
CWE-352
Status
published
Products (1)
leighton_whiting/mark_complete
Published
Mar 19, 2013
Tracked Since
Feb 18, 2026