6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.5%
Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupalβs Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks.
drupal.org/node/198164
osvdb.org/43671