CVE-2025-3907

CVE-2025-3907: Search API Solr - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-046

Vendor Drupal

Product Search API Solr

Weakness CWE-352 · CSRF

Published April 23, 2025

Last update April 23, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Search API Solr allows Cross Site Request Forgery.This issue affects Search API Solr: from 0.0.0 before 4.3.9.

Key dates

02Disclosure timeline

April 23, 2025 CVE published

April 23, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-3907 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2022-2432 Ecwid Ecommerce Shopping Cart <= 6.10.23 - Cross-Site Request Forgery to Settings/Options Update CVE-2022-23771 IPTIME NAS1DUAL CSRF Vulnerability CVE-2021-38342 Nested Pages <= 3.1.15 Cross-Site Request Forgery to Arbitrary Post Deletion and Modification CVE-2025-14976 User Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post Deletion CVE-2023-6980 WP SMS <= 6.5 - Cross-Site Request Forgery to Subscriber Deletion