CVE-2025-48921

Severity CVSS v4.0:
Pending analysis
Type:
CWE-352 Cross-Site Request Forgery (CSRF)
Publication date:
26/06/2025
Last modified:
09/07/2025

Description

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open Social allows Cross Site Request Forgery.This issue affects Open Social: from 0.0.0 before 12.3.14, from 12.4.0 before 12.4.13.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:getopensocial:open_social:*:*:*:*:*:drupal:*:* 12.3.14 (excluding)
cpe:2.3:a:getopensocial:open_social:*:*:*:*:*:drupal:*:* 12.4.0 (including) 12.4.13 (excluding)


References to Advisories, Solutions, and Tools