Pieter Frenssen

**Name of the Vulnerable Software and Affected Versions** Drupal Currency versions prior to 3.5.0 **Description** A Cross-Site Request Forgery (CSRF) issue exists in Drupal Currency. This allows attackers to perform actions on behalf of authenticated users without their knowledge. CSRF occurs when a malicious website, email, or other communication tricks a user's browser into sending a request to a vulnerable web application. **Recommendations** Update Drupal Currency to version 3.5.0 or later.