CVE-2012-2716

Cross-site request forgery CSRF vulnerability in the Comment Moderation module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that publish comments...

CVE-2012-2716

CVE-2012-2716 is a CSRF vulnerability in the Drupal Comment Moderation module (6.x-1.x) prior to 6.x-1.1. The issue stems from insufficient protection of the publish link URL, allowing remote attackers to perform actions as an administrative user to publish comments. Vulnerable component: Comment...