PT-2025-2099 · WordPress · Gutenberg

Cathy Theys +8 · Published 2024-10-09 · Updated 2025-01-10 · CVE-2024-13284

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Gutenberg versions 0.0.0 through 2.12.0
Gutenberg versions 3.0.0 through 3.0.4

Description

Drupal Gutenberg contains a Cross-Site Request Forgery (CSRF) vulnerability. A remote attacker can exploit it to perform a CSRF attack.

Recommendations

For Gutenberg versions 0.0.0 through 2.12.0, update to version 2.13.0 or later. For Gutenberg versions 3.0.0 through 3.0.4, update to version 3.0.5 or later. As a temporary workaround, consider disabling the Gutenberg module until a patch is available. Restrict access to the Gutenberg module to minimize the risk of exploitation.

Fix

CSRF

Weakness Enumeration

Related Identifiers

BDU:2025-01164
CVE-2024-13284
DRUPAL-CONTRIB-2024-048

Affected Products

Gutenberg