Cross-site request forgery (CSRF) vulnerability in the Commerce Reorder module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that add items to the shopping cart.
CPE | Name | Operator | Version |
---|---|---|---|
commerce_reorder | eq | <= 7.x-1.0 | |
commerce_reorder | eq | 7.x-1.x dev |