CVE-2012-2116

2012-08-31T18:55:01
ID CVE-2012-2116
Type cve
Reporter NVD
Modified 2012-09-04T00:00:00

Description

Cross-site request forgery (CSRF) vulnerability in the Commerce Reorder module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that add items to the shopping cart.