Vulnerabilities > User Import Project > User Import > 6.x.4.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-06-15 | CVE-2015-4390 | Cross-Site Request Forgery (CSRF) vulnerability in User Import Project User Import Multiple cross-site request forgery (CSRF) vulnerabilities in the User Import module 6.x-4.x before 6.x-4.4 and 7.x-2.x before 7.x-2.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) continue or (2) delete an ongoing import via unspecified vectors. | 6.8 |