CVE-2024-13250

Name of the Vulnerable Software and Affected Versions Drupal Symfony Mailer Lite versions 0.0.0 through 1.0.6

Description The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability, which can be exploited by a remote attacker to perform a CSRF attack. This vulnerability affects the Drupal Symfony Mailer Lite module, allowing an attacker to forge requests on a user's behalf.

Recommendations For versions 0.0.0 through 1.0.6, update to version 1.0.6 or later to resolve the issue. As a temporary workaround, consider disabling the vulnerable module until a patch is available. Restrict access to the module to minimize the risk of exploitation.