CVE-2025-13982

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Drupal Login Time Restriction versions prior to 1.0.3

Description A Cross-Site Request Forgery (CSRF) issue exists in the Login Time Restriction module. This allows attackers to perform actions on behalf of authenticated users without their knowledge. The issue allows Cross Site Request Forgery.

Recommendations Update the Login Time Restriction module to version 1.0.3 or later.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-13982

DRUPAL-CONTRIB-2025-120

Affected Products

Drupal Login Time Restriction

CVE-2025-13982

Weakness Enumeration

Related Identifiers

Affected Products

References · 7