CVE-2015-7234
Open Semantic Framework 7.x-3.x - Arbitrary File Deletion via OSF Ontology and Import Modules
Title source: llmDescription
The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology and OSF Import modules are enabled, allows user-assisted remote attackers to delete arbitrary files via unspecified vectors.
References (3)
Core 3
Core References
Patch x_refsource_confirm
http://cgit.drupalcode.org/osf/commit/?id=35c6e61
Patch x_refsource_confirm
https://www.drupal.org/node/2537120
Patch, Vendor Advisory x_refsource_misc
https://www.drupal.org/node/2537860
Scores
EPSS
0.0200
EPSS Percentile
78.4%
Details
CWE
CWE-20
Status
published
Products (2)
structured_dynamics/open_semantic_framework
7.x-3.0
structured_dynamics/open_semantic_framework
7.x-3.x dev
Published
Sep 17, 2015
Tracked Since
Feb 18, 2026