Drupal core - Moderately critical - Cross Site Request Forgery - SA-CORE-2021-007
|
System information
|
|
|
Affected software |
Drupal |
Description
|
Project: Drupal coreDate: 2021-September-15Security risk: Moderately critical 14∕25 AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Cross Site Request ForgeryCVE IDs: CVE-2020-13674Description: The QuickEdit module does not properly validate access to routes, which could allow cross-site request forgery under some circumstances and lead to possible data integrity issues.Sites are only affected if the QuickEdit module (which comes with the Standard profile) is
More info:
https://www.drupal.org/sa-core-2021-007 |
Standar resources
|
Property |
Value |
CVE |
CVE-2020-13674. |