CVE-2025-3131

CVE-2025-3131: ECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031

Vendor Drupal
Product ECA: Event - Condition - Action
Weakness CWE-352 · CSRF
Published April 9, 2025
Last update April 9, 2025

CVSS base score

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2.*.

Key dates

02Disclosure timeline

April 9, 2025 CVE published
April 9, 2025 Record updated

Related vulnerabilities

04Related CVE