The vulnerability of the Migrate queue importer in Drupal CMS systems, related to the manipulation of cross-site requests, allows a hacker to perform a CSRF attack.

The vulnerability of the Migrate queue importer in Drupal CMS systems is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

CVE-2024-13260

Cross-Site Request Forgery CSRF vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery.This issue affects Migrate queue importer: from 0.0.0 before 2.1.1...

CVE-2024-13260

CVE-2024-13260 describes a Cross-Site Request Forgery in the Drupal Migrate queue importer module. The flaw affects the module versions from 0.0.0 up to 2.1.1 and stems from insufficient CSRF protection when performing cron migrations. Exploitation context in the public docs indicates an attacker...

CVE-2024-13260 Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

Cross-Site Request Forgery CSRF vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery.This issue affects Migrate queue importer: from 0.0.0 before 2.1.1...

CVE-2024-13260 Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

Cross-Site Request Forgery CSRF vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery.This issue affects Migrate queue importer: from 0.0.0 before 2.1.1...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Migrate queue importer prior to version 2.1.1, which stems from the inclusion of a cross-site request forgery vulnerability...

DRUPAL-CONTRIB-2024-024

The Migrate queue importer module enables you to create cron migrationsconfiguration entities with a reference towards migration entities in order to import them during cron runs. The module doesn't sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an...

Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

The Migrate queue importer module enables you to create cron migrationsconfiguration entities with a reference towards migration entities in order to import them during cron runs. The module doesn't sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an...

Drupal Migrate queue importer module < 2.1.1 - Administrator+ Cross Site Request Forgery (CSRF) vulnerability

Administrator+ Cross Site Request Forgery CSRF vulnerability discovered by Pierre Rudloff in WordPress Module Migrate queue importer versions 2.1.1...

PT-2024-10357 · Drupal · Migrate Queue Importer

Name of the Vulnerable Software and Affected Versions: Migrate queue importer versions 0.0.0 through 2.1.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability in the Migrate queue importer module of the Drupal content management system. This vulnerability allows f...