CVE-2020-13663

Summary

Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities.

Affected Software

VendorProductVersion RangeStatus
DrupalDrupal Core7.x < 7.72affected
DrupalDrupal Core8.8.x < 8.8.8affected
DrupalDrupal Core8.9.x < 8.9.1affected
DrupalDrupal Core9.0.x < 9.0.1affected

Weaknesses

  • Cross Site Request Forgery

ADP Enrichment

CVE Program Container

Additional References

References