Beta

Report

CiviCRM private report < 6.x-1.2,< 7.x-1.3 is vulnerable to Unauthenticated Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated
Published
2015-04-07

Unauthenticated Cross Site Request Forgery (CSRF) vulnerability

CVE

https://www.cve.org/CVERecord?id=CVE-2015-4391

CVSS

Score:7.3

Severity:High

Version:< 6.x-1.2,< 7.x-1.3

There is a patch available in v6.x-1.2,7.x-1.3 and we strongly recommend you update to this version as soon as possible.