CVE-2012-5556

Name of the Vulnerable Software and Affected Versions Drupal RESTWS module versions 7.x-1.x before 7.x-1.1 Drupal RESTWS module versions 7.x-2.x before 7.x-2.0-alpha3

Description The issue allows remote attackers to hijack the authentication of arbitrary users via unknown vectors due to multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module for Drupal.

Recommendations For Drupal RESTWS module versions 7.x-1.x before 7.x-1.1, update to version 7.x-1.1 or later. For Drupal RESTWS module versions 7.x-2.x before 7.x-2.0-alpha3, update to version 7.x-2.0-alpha3 or later.