CVE-2025-31684

MEDIUM Year: 2025
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-352
View all →

Vulnerability Description

Cross-Site Request Forgery (CSRF) vulnerability in Drupal OAuth2 Client allows Cross Site Request Forgery.This issue affects OAuth2 Client: from 0.0.0 before 4.1.3.

Related Vulnerabilities

CVE-2017-1000147

MEDIUM
CVSS:6.8(Medium)

Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before 15.04.3 are vulnerable to perform a cross-site request forgery (CSRF) attack on the uploader contained in Mahara's filebrowser widget. T...

CWE-3522017

CVE-2017-17982

MEDIUM
CVSS:6.8(Medium)

PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php.

CWE-3522017

CVE-2018-10223

MEDIUM
CVSS:6.8(Medium)

An issue was discovered in YzmCMS 3.8. There is a CSRF vulnerability that can add an admin account via /index.php/admin/admin_manage/add.html.

CWE-3522018

CVE-2018-10224

MEDIUM
CVSS:6.8(Medium)

An issue was discovered in YzmCMS 3.8. There is a CSRF vulnerability that can add a tag via /index.php/admin/tag/add.html.

CWE-3522018

CVE-2018-5073

MEDIUM
CVSS:6.8(Medium)

Online Ticket Booking has CSRF via admin/movieedit.php.

CWE-3522018