Migrate Tools - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-008

Project: Migrate ToolsDate: 2024-February-07Security risk: Moderately critical 12∕25 AC:Complex/A:None/CI:None/II:Some/E:Theoretical/TD:AllVulnerability: Cross Site Request ForgeryAffected versions: <6.0.3Description: The Migrate Tools module provides tools for running and managing Drupal migrations.
The module doesn't sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an attacker to initiate a migration.
This vulnerability is mitigated by the fact that an attacker must know the name of the migration.Solution: Install the latest version:

Reported By: 

Fixed By: 

Coordinated By: 

Path to article https://www.drupal.org/sa-contrib-2024-008