CSRF Vulnerability in Take Control Module for Drupal Allows Authentication Hijacking for File Manipulation

CSRF Vulnerability in Take Control Module for Drupal Allows Authentication Hijacking for File Manipulation

CVE-2012-2341 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the Take Control module 6.x-2.x before 6.x-2.2 for Drupal allows remote attackers to hijack the authentication of unspecified users for Ajax requests that manipulate files.

Learn more about our User Device Pen Test.