Timezone Detect - Moderately Critical - Cross Site Request Forgery - SA-CONTRIB-2017-020

This module enables sites to automatically detect and set user timezones via JavaScript. The module does not sufficiently protect against Cross-Site Request Forgery CSRF: an attacker could use this vulnerability to manipulate a user's timezone setting. The security implication of this issue depen...