Cross-site request forgery (CSRF) vulnerability in the Admin tools module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors involving "not checking tokens."
https://exchange.xforce.ibmcloud.com/vulnerabilities/74058
http://www.securityfocus.com/bid/52502