Cross-Site Request Forgery (CSRF) vulnerability in Drupal Ray Enterprise Translation allows Cross Site Request Forgery. This issue affects Ray Enterprise Translation versions: from 0.0.0 to 4.0.4, from 4.1.0 to 4.1.4, from 11.0.0 to 11.0.4.
References
History

Mon, 13 Jul 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 13 Jul 2026 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Drupal
Drupal ray Enterprise Translation
Vendors & Products Drupal
Drupal ray Enterprise Translation

Fri, 10 Jul 2026 22:00:00 +0000

Type Values Removed Values Added
Description Cross-Site Request Forgery (CSRF) vulnerability in Drupal Ray Enterprise Translation allows Cross Site Request Forgery. This issue affects Ray Enterprise Translation versions: from 0.0.0 to 4.0.4, from 4.1.0 to 4.1.4, from 11.0.0 to 11.0.4.
Title Ray Enterprise Translation - Moderately critical - Cross site request forgery - SA-CONTRIB-2026-071
Weaknesses CWE-352
References

cve-icon MITRE

Status: PUBLISHED

Assigner: drupal

Published: 2026-07-10T21:46:20.380Z

Updated: 2026-07-13T17:52:19.827Z

Reserved: 2026-07-08T15:44:54.212Z

Link: CVE-2026-15080

cve-icon Vulnrichment

Updated: 2026-07-13T17:41:46.202Z

cve-icon NVD

No data.

cve-icon Redhat

No data.