EUVD-2025-9033

Malicious code in bioql PyPI...

CVE-2025-31688

Cross-Site Request Forgery CSRF vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2...

GHSA-QQ45-CQHG-JWX5 Drupal Configuration Split Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Drupal Configuration Split allows Cross Site Request Forgery. This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2...

Drupal Configuration Split Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Drupal Configuration Split allows Cross Site Request Forgery. This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2...

CVE-2025-31688

Cross-Site Request Forgery CSRF vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2...

CVE-2025-31688

Cross-Site Request Forgery CSRF vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2...

CVE-2025-31688 Configuration Split - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-017

Cross-Site Request Forgery CSRF vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2...

CVE-2025-31688

CVE-2025-31688 is a Cross-Site Request Forgery (CSRF) vulnerability in the Drupal Configuration Split module. The issue affects Configuration Split versions prior to 1.10.0 and prior to 2.0.2 (i.e., 0.0.0–1.9.x and 2.0.0–2.0.1). The root cause is improper CSRF protection on routes that enable/dis...

CVE-2025-31688 Configuration Split - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-017

Cross-Site Request Forgery CSRF vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2...

PT-2025-13852 · Unknown · Configuration Split

Name of the Vulnerable Software and Affected Versions: Configuration Split versions 0.0.0 through 1.9.x Configuration Split versions 2.0.0 through 2.0.1 Description: A Cross-Site Request Forgery CSRF issue affects the Configuration Split module, allowing unauthorized actions to be performed. This...

Drupal Configuration Split 跨站请求伪造漏洞

Drupal Configuration Split is a module in the Drupal community. A cross-site request forgery vulnerability exists in Drupal Configuration Split versions prior to 1.10.0 and versions prior to 2.0.0 through 2.0.2, which stems from cross-site request forgery...

Configuration Split - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-017

This module enables you to create super sets of configuration and enable them conditionally, for example have some modules installed only in some environments. The module does not use Cross Site Request Forgery CSRF tokens to protect routes for enabling or disabling a split. This vulnerability is...

Drupal Configuration Split module < 1.10.0,2.0.0-2.0.1 - Unauthenticated Cross Site Request Forgery (CSRF) vulnerability

Unauthenticated Cross Site Request Forgery CSRF vulnerability discovered by Eric Smith ericgsmith in WordPress Module Configuration Split versions 1.10.0,2.0.0-2.0.1...