Drupal User Import Module Multiple Cross Site Request Forgery Vulnerabilities

The User Import module for Drupal is prone to multiple cross-site request-forgery vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker can exploit these issues to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.


 

Privacy Statement
Copyright 2010, SecurityFocus