diff --git a/docs/changelog/7.x.x.txt b/docs/changelog/7.x.x.txt
index f5f96c10c..6a3007f3a 100644
--- a/docs/changelog/7.x.x.txt
+++ b/docs/changelog/7.x.x.txt
@@ -3,9 +3,8 @@
  - fixed #10626: Carriage returns stripped from Wiki comments
  - fixed #10572: CDN / CloudFront breaks 7.7.11 upgrade
  - fixed #10630: If macro says that 0 is true
- - WebGUI::Shop::PayDriver::PayPal::PayPalStd replaced by
-   WebGUI::Shop::PayDriver::PayPal. PayPalStd fought the Shop API and
-   didn't work.
+ - WebGUI::Shop::PayDriver::PayPal::PayPalStd replaced by WebGUI::Shop::PayDriver::PayPal. PayPalStd fought the Shop API and didn't work.
+ - fixed #10633: GET requests in Operation/User require valid CSRF token.
 
 7.7.14
  - fixed #10606: shelf selector
diff --git a/lib/WebGUI/Operation/User.pm b/lib/WebGUI/Operation/User.pm
index efd899be0..e60754879 100644
--- a/lib/WebGUI/Operation/User.pm
+++ b/lib/WebGUI/Operation/User.pm
@@ -75,15 +75,19 @@ sub _submenu {
         $ac->addSubmenuItem($session->url->page("op=editUser;uid=new"), $i18n->get(169));
     }
+    $ac->setFormUrl($session->url->page('op=editUser;uid='.$userId));
+    my $formId = $ac->getSubmenuFormId;
     if (canEdit($session)) {
         unless ($session->form->process("op") eq "listUsers" || $session->form->process("op") eq "deleteUser" || $userId eq "new") {
             $ac->addSubmenuItem($session->url->page("op=editUser;uid=$userId"), $i18n->get(457));
-            $ac->addSubmenuItem($session->url->page("op=becomeUser;uid=$userId"), $i18n->get(751));
+            $ac->addSubmenuItem($session->url->page('op=becomeUser;uid='.$userId), $i18n->get(751), qq|onclick="var thisForm=document.getElementById('$formId');thisForm.op.value='becomeUser';thisForm.submit(); return false;"|);
             my $user = WebGUI::User->new($session, $userId);
             $ac->addSubmenuItem($user->getProfileUrl(), $i18n->get('view profile'));
-            $ac->addConfirmedSubmenuItem($session->url->page("op=deleteUser;uid=$userId"), $i18n->get(750), $i18n->get(167));
+            my $confirm = $i18n->get(167);
+            $confirm =~ s/([\\\'])/\\$1/g;
+            $ac->addSubmenuItem($session->url->page('op=deleteUser;uid='.$userId), $i18n->get(750), qq|onclick="var ack = confirm('$confirm'); alert(ack); if (ack) { var thisForm=document.getElementById('$formId');thisForm.op.value='deleteUser';thisForm.submit();} return false;"|);
             if ($session->setting->get("useKarma")) {
                 $ac->addSubmenuItem($session->url->page("op=editUserKarma;uid=$userId"), $i18n->get(555));
             }
@@ -576,7 +580,7 @@ Allows an administrator to assume another user.
 
 sub www_becomeUser {
     my $session = shift;
-    return $session->privilege->adminOnly() unless canEdit($session);
+    return $session->privilege->adminOnly() unless canEdit($session) && $session->form->validToken;
     return undef unless WebGUI::User->validUserId($session, $session->form->process("uid"));
     $session->var->end($session->var->get("sessionId"));
     $session->user({userId=>$session->form->process("uid")});
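Review bot: The new deleteUser `onclick` handler on the `$ac->addSubmenuItem($session->url->page('op=deleteUser;uid='.$userId), ...)` line still contains `alert(ack);`, which reads as debugging residue and pops a "true"/"false" dialog in front of every administrator after the confirm and before the submit; drop it so the handler is `var ack = confirm('$confirm'); if (ack) { var thisForm=document.getElementById('$formId');thisForm.op.value='deleteUser';thisForm.submit();} return false;`. The escaping two lines above, `$confirm =~ s/([\\\'])/\\$1/g;`, only protects the JavaScript string context: the value is then interpolated into an HTML `onclick="..."` attribute, so a double quote, `<` or `&` in a translated i18n message 167 would break out of the attribute, and a literal newline would break the JS string. Add an attribute-context pass after the existing one, e.g. `$confirm =~ s/"/&quot;/g; $confirm =~ s/[\r\n]+/ /g;`, or route the value through whatever HTML/JS encoder the codebase already provides; the same consideration applies to `$formId` if it can ever hold anything other than a bare identifier. `_submenu` starts and ends outside this hunk.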
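Review bot: The combined guard `return $session->privilege->adminOnly() unless canEdit($session) && $session->form->validToken;` answers a missing or stale CSRF token with `adminOnly()`, so an administrator whose token expired is told they lack admin rights rather than that the request has to be re-submitted; keep `return $session->privilege->adminOnly() unless canEdit($session);` on its own line and give the token failure a distinct response (whatever WebGUI::Session::Privilege offers for that, or a re-rendered form). The check also looks only at the token, not at the request method: if `validToken` accepts the token from a query string, a `GET op=becomeUser;uid=...` link carrying the token still works, and the token then leaks through Referer headers and access logs, whereas the submenu change in this same commit already submits it by form, so rejecting non-POST requests here would cost nothing. Finally, nothing in this hunk records which administrator assumed which user; if that is not logged elsewhere, an audit log line before the `$session->var->end(...)` context line is worth adding for an action this powerful.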
@@ -595,14 +599,14 @@ after this.
 
 sub www_deleteUser {
     my $session = shift;
-    return $session->privilege->adminOnly() unless canEdit($session);
-    my ($u);
-    if ($session->form->process("uid") eq '1' || $session->form->process("uid") eq '3') {
-        return WebGUI::AdminConsole->new($session,"users")->render($session->privilege->vitalComponent());
-    } else {
-        $u = WebGUI::User->new($session,$session->form->process("uid"));
-        $u->delete;
-        return www_listUsers($session);
+    return $session->privilege->adminOnly() unless canEdit($session) && $session->form->validToken;
+    if ($session->form->process("uid") eq '1' || $session->form->process("uid") eq '3') {
+        return WebGUI::AdminConsole->new($session,"users")->render($session->privilege->vitalComponent());
+    }
+    else {
+        my $u = WebGUI::User->new($session,$session->form->process("uid"));
+        $u->delete;
+        return www_listUsers($session);
     }
 }
 
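Review bot: `my $u = WebGUI::User->new($session,$session->form->process("uid"));` in the else branch is reached with an unvalidated uid, whereas `www_becomeUser` in this same commit guards with `validUserId` before touching the user; mirror that here with `return undef unless WebGUI::User->validUserId($session, $session->form->process("uid"));` ahead of the vital-component check, and hoist the repeated `$session->form->process("uid")` into `my $uid = $session->form->process("uid");` so the `eq '1' || eq '3'` test and the constructor read the same value. The vital-component guard protects only userIds 1 and 3, so an administrator can still delete the account they are currently logged in as; unless that is intended, compare the uid with the current session user's id as well and render `vitalComponent()` (or a clearer message) for that case. As in the becomeUser hunk, a bad CSRF token is reported as `adminOnly()`, which misleads a legitimate administrator with an expired token. `$u->delete;` is also called without looking at its outcome — if it reports failure, surface it instead of unconditionally returning `www_listUsers($session)`.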