CVE-2015-7233

Open Semantic Framework 7.x-3.x - Cross-Site Request Forgery via OSF Import Module

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors.

References (2)

Core 2
Core References
Patch x_refsource_confirm
https://www.drupal.org/node/2537120
Patch, Vendor Advisory x_refsource_misc
https://www.drupal.org/node/2537860

Scores

EPSS 0.0054
EPSS Percentile 41.3%

Details

CWE
CWE-352
Status published
Products (2)
structured_dynamics/open_semantic_framework 7.x-3.0
structured_dynamics/open_semantic_framework 7.x-3.x dev
Published Sep 17, 2015
Tracked Since Feb 18, 2026