SA-CONTRIB-2014-060- Petitions - Cross Site Request Forgery (CSRF)
This distribution enables you to build an application that lets users create and sign petitions. The contained whpetitions module doesn't sufficiently verify the intent of the user when signing a petition. A malicious user could trick another user into signing a petition they did not intend to si...