Secunia Security Advisory – Some vulnerabilities have been reported in the Ajax Session module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/77912/sa35232.txt
Source: https://packetstormsecurity.com/files/77912/Secunia-Security-Advisory-35232.html