Home

Description

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Ray Enterprise Translation allows Cross Site Request Forgery. This issue affects Ray Enterprise Translation versions: from 0.0.0 to 4.0.4, from 4.1.0 to 4.1.4, from 11.0.0 to 11.0.4.

PUBLISHED Reserved 2026-07-08 | Published 2026-07-10 | Updated 2026-07-13 | Assigner drupal

Problem types

CWE-352 Cross-Site Request Forgery (CSRF)

Product status

0.0.0 (semver) before 4.0.4
affected

4.1.0 (semver) before 4.1.4
affected

11.0.0 (semver) before 11.0.4
affected

Credits

Pierre Rudloff (prudloff) finder

Naresh Bavaskar (naresh_bavaskar) remediation developer

Greg Knaddison (greggles) coordinator

Juraj Nemec (poker10) coordinator

Pierre Rudloff (prudloff) coordinator

References

www.drupal.org/sa-contrib-2026-071

cve.org (CVE-2026-15080)

nvd.nist.gov (CVE-2026-15080)

Download JSON