CVE-2014-5268

Name of the Vulnerable Software and Affected Versions Fasttoggle module versions 7.x-1.3 through 7.x-1.4 for Drupal

Description The issue allows remote attackers to block or unblock an account via a crafted user status link.

Recommendations For Fasttoggle module versions 7.x-1.3 and 7.x-1.4, consider disabling the module until a patch is available to prevent exploitation.