CVE-2020-13663
Description
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities.
CWE
- (none)
Affected
- Drupal / Drupal Core — v=7.x <7.72 [affected]; v=8.8.x <8.8.8 [affected]; v=8.9.x <8.9.1 [affected]; v=9.0.x <9.0.1 [affected]
CVSS
- (none)
References
- https://www.drupal.org/sa-core-2020-004 x_refsource_CONFIRM
Source
cvelistV5-main/cves/2020/13xxx/CVE-2020-13663.json