SA-CONTRIB-2012-116 - Subuser - Cross Site Request Forgery (CSRF) and Access Bypass
The Subuser module allows users to be given the permission to create subusers. The subusers may then be automatically assigned a role or roles. The parent user then has the ability to manage the subusers they have created. A parent user is allowed to assume the role of a subuser they created swit...