PT-2026-5206 · Acquia · Acquia Content Hub
Greg Knaddison
+5
·
Published
2026-01-28
·
Updated
2026-02-06
·
CVE-2025-14472
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Acquia Content Hub versions 0.0.0 through 3.6.3
Acquia Content Hub versions 3.7.0 through 3.7.2
Description
A Cross-Site Request Forgery (CSRF) issue exists in Acquia Content Hub. This allows attackers to perform actions on behalf of authenticated users without their knowledge. CSRF occurs when a malicious website, email, or link tricks a user's browser into sending a request to a vulnerable web application.
Recommendations
Update Acquia Content Hub to a version prior to 0.0.0 or after 3.6.4.
Update Acquia Content Hub to a version prior to 3.7.0 or after 3.7.3.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acquia Content Hub