CVE-2015-7233
Open Semantic Framework 7.x-3.x - Cross-Site Request Forgery via OSF Import Module
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors.
References (2)
Core 2
Core References
Patch x_refsource_confirm
https://www.drupal.org/node/2537120
Patch, Vendor Advisory x_refsource_misc
https://www.drupal.org/node/2537860
Scores
EPSS
0.0054
EPSS Percentile
41.3%
Details
CWE
CWE-352
Status
published
Products (2)
structured_dynamics/open_semantic_framework
7.x-3.0
structured_dynamics/open_semantic_framework
7.x-3.x dev
Published
Sep 17, 2015
Tracked Since
Feb 18, 2026