CVE-2012-2728

Name of the Vulnerable Software and Affected Versions Node Hierarchy module versions 6.x-1.x before 6.x-1.5 for Drupal

Description The issue allows remote attackers to hijack the authentication of administrators for requests that change a node hierarchy position via an up or down action. This is due to multiple cross-site request forgery (CSRF) vulnerabilities in the Node Hierarchy module.

Recommendations For Node Hierarchy module versions 6.x-1.x before 6.x-1.5, update to version 6.x-1.5 or later to resolve the issue.