Description
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Theme Negotiation by Rules allows Cross Site Request Forgery.This issue affects Theme Negotiation by Rules: from 0.0.0 before 1.2.1.
Problem types
CWE-352 Cross-Site Request Forgery (CSRF)
Product status
0.0.0 (semver) before 1.2.1
Credits
Juraj Nemec (poker10)
Zoltan Attila Horvath (huzooka)
Juraj Nemec (poker10)
Damien McKenna (damienmckenna)
Greg Knaddison (greggles)
Juraj Nemec (poker10)
Jess (xjm)
References
www.drupal.org/sa-contrib-2026-012