Cross-site request forgery (CSRF) vulnerability in the Node Template module for Drupal allows remote attackers to hijack the authentication of users with the βaccess node templateβ permission for requests that delete node templates via unspecified vectors.