Aggregates CVE and security vulnerability intelligence across all structured_dynamics-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and vendor risk input validation and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2015-7234 | The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology and OSF Import modules are enabled, allows user-assisted remote attackers to delete arbitrary files via unspecified vectors. | [email protected] | 4.0 | 2.00% | 2015-09-17 | 2026-06-17 |
| CVE-2015-7233 | Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of administrators for requests that create new OSF datasets via unspecified vectors. | [email protected] | 5.1 | 0.54% | 2015-09-17 | 2026-06-17 |
| CVE-2015-7232 | Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | [email protected] | 2.6 | 0.91% | 2015-09-17 | 2026-06-17 |