The Migrate queue importer module enables you to create cron migrations(configuration entities) with a reference towards migration entities in order to import them during cron runs. The module doesnβt sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an attacker to enable/disable a cron migration. This vulnerability is mitigated by the fact that an attacker must know the id of the migration.
Vendor | Product | Version | CPE |
---|---|---|---|
drupal | migrate_queue_importer | * | cpe:2.3:a:drupal:migrate_queue_importer:*:*:*:*:*:*:*:* |