Drupal Spider Catalog Module Cross Site Request Forgery Vulnerability

The Spider Catalog module for Drupal is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.

Spider Catalog 6.x and 7.x are vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus