Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-31688

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2.

Published

2025-03-31T22:15:21.413

Last Modified

2025-08-28T14:54:03.030

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-352

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	nuvole	configuration_split	< 1.10.0	Yes
Application	nuvole	configuration_split	< 2.0.2	Yes

References

https://www.drupal.org/sa-contrib-2025-017 Third Party Advisory ([email protected])