Drupal · Drupal · CVE-2013-2158
**Name of the Vulnerable Software and Affected Versions**
Drupal versions 6.x-3.x through 7.x-3.x before 7.x-3.4
**Description**
A cross-site request forgery (CSRF) issue exists, allowing remote attackers to hijack the authentication of victims via unknown vectors.
**Recommendations**
For versions 6.x-3.x through 7.x-3.x before 7.x-3.4, update to version 7.x-3.4 or later to resolve the issue.