CVE-2012-2341

Cross-site request forgery CSRF vulnerability in the Take Control module 6.x-2.x before 6.x-2.2 for Drupal allows remote attackers to hijack the authentication of unspecified users for Ajax requests that manipulate files...

CVE-2012-2341

Cross-site request forgery CSRF vulnerability in the Take Control module 6.x-2.x before 6.x-2.2 for Drupal allows remote attackers to hijack the authentication of unspecified users for Ajax requests that manipulate files...

CVE-2012-2341

The Drupal Take Control module (6.x-2.x) is affected by a CSRF vulnerability in Ajax requests that manipulate files due to insufficient validation. Versions prior to 6.x-2.2 allow remote attackers to hijack user authentication for these requests. Remediation: upgrade to Take Control 6.x-2.2 (or l...

SA-CONTRIB-2012-075 - Take Control - Cross Site Request Forgery (CSRF)

CVE: CVE-2012-2341 This module enables you to manage your Drupal file-system from within Drupal itself. The module does not sufficiently validate Ajax calls leading to possibility of a Cross Site Request Forgery CSRF attack. This vulnerability is mitigated by the fact that the attacker must be ab...