CVE-2016-3188

Name of the Vulnerable Software and Affected Versions Drupal Prepopulate module versions 7.x-2.x before 7.x-2.1

Description The issue in the Prepopulate module allows remote attackers to modify certain fields, including actions, container, token, password, password confirm, text format, and markup, which could have unspecified impact. The attack vector is not specified.

Recommendations For versions 7.x-2.x before 7.x-2.1, update to version 7.x-2.1 or later to resolve the issue.