Drupal Commerce Extra Panes Module Cross Site Request Forgery Vulnerability

The Commerce extra panes module for Drupal is prone to a cross-site request-forgery vulnerability.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.

Commerce extra panes 7.x-1.x versions prior to 7.x-1.1 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus