2007-12-12 01:00:00
redhat
PUBLISHED
Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupals Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks.