This module provides a site administrator the ability to log users out after a specified time of inactivity.
The module doesn't sufficiently protect its routes from cross-site request forgery (CSRF), allowing the logout route to be triggered without user interaction.