Drupal · Drupal General Data Protection Regulation · CVE-2025-31689
**Name of the Vulnerable Software and Affected Versions**
Drupal General Data Protection Regulation versions 0.0.0 through 3.0.1, versions 3.1.0 through 3.1.2
**Description**
The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows for Cross Site Request Forgery. This is a type of attack where an attacker tricks a user into performing unintended actions on a web application that the user is authenticated to.
**Recommendations**
For versions 0.0.0 through 3.0.1, update to version 3.0.1 or later.
For versions 3.1.0 through 3.1.2, update to version 3.1.2 or later.