CVE-2012-4478
The CVE-2012-4478 vulnerability is a CSRF flaw in Drupal’s Drag & Drop Gallery 6.x module that can enable remote attackers to hijack an administrator’s session. Affected component: Drag & Drop Gallery module (Drupal contrib) 6.x. Root cause: CSRF in the module’s handling of admin actions, allowin...