CVE-2012-2097

2012-08-14T21:55:00
ID CVE-2012-2097
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:31:00

Description

Cross-site request forgery (CSRF) vulnerability in the Autosave module 6.x before 6.x-2.10 and 7.x-2.x before 7.x-2.0 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests involving "submitting saved results to a node."