CVE-2025-3131

Medium CVSS: 5.4

Cross-Site Request Forgery (CSRF) vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2.*.

Vendor

Drupal

Product

Eca\

CWE

CWE-352

Yayın Tarihi

2025-04-09 18:15:50

Güncelleme

2025-04-22 16:16:30

Source Identifier

mlhess@drupal.org

KEV Date Added

Kategoriler

CWE-352 Eca\ MEDIUM Drupal 2025

Referanslar

https://www.drupal.org/sa-contrib-2025-031

Benzer Kayıtlar

Medium

CVE-2025-13082

User Interface (UI) Misrepresentation of Critical Information vulnerability in Drupal Drupal core allows Content Spoofin…

Low

CVE-2025-13083

Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrec…

Medium

CVE-2025-13080

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Drupal core allows Forceful Browsing.This i…

Medium

CVE-2025-13081

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allow…

High

CVE-2025-48914

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Con…

High

CVE-2025-48915

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Con…