Drupal Core is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. Drupal Core versions 4.7.x ranging from 4.7.0 and up to and including 4.7.10 are vulnerable.


Update to Drupal Core version 4.7.11 or latest


Related Vulnerabilities