CVE-2012-2116
The CVE-2012-2116 issue affects the Drupal Commerce Reorder module, specifically versions prior to 7.x-1.1. The root cause is a CSRF vulnerability in the re-order URL that allows remote attackers to hijack a user’s cart by submitting requests to add items. Impact is limited to anyone with access ...