Low severityNVD Advisory· Published Mar 31, 2025· Updated Apr 29, 2025
Configuration Split - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-017
CVE-2025-31688
Description
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
drupal/config_splitPackagist | < 1.10.0 | 1.10.0 |
drupal/config_splitPackagist | >= 2.0.0, < 2.0.2 | 2.0.2 |
Affected products
2- Range: 0.0.0
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-qq45-cqhg-jwx5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-31688ghsaADVISORY
- www.drupal.org/sa-contrib-2025-017ghsaWEB
News mentions
0No linked articles in our index yet.