CVE-2025-3907 – Drupal Search API Solr CSRF

April 23, 2025

CVE ID : CVE-2025-3907

Published : April 23, 2025, 5:16 p.m. | 1 hour, 42 minutes ago

Description : Cross-Site Request Forgery (CSRF) vulnerability in Drupal Search API Solr allows Cross Site Request Forgery.This issue affects Search API Solr: from 0.0.0 before 4.3.9.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-58251 – BusyBox Netstat Terminal Escape Sequence Injection Denial of Service

Next Article CVE-2025-3904 – “Drupal Sportsleague Authentication Bypass”

Designing Better UX For Left-Handed People

This week in AI dev tools: Gemini 2.5 Flash-Lite, GitLab Duo Agent Platform beta, and more (July 25, 2025)

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

Trump’s AI plan says a lot about open source – but here’s what it leaves out

Google’s new Search mode puts classic results back on top – how to access it

These AR swim goggles I tested have all the relevant metrics (and no subscription)

Google’s new AI tool Opal turns prompts into apps, no coding required

Medical Card Generator Android App Project Using SQLite

Medical Card Generator Android App Project Using SQLite

The details of TC39’s last meeting

Laravel Scoped Route Binding for Nested Resource Management

Microsoft: Windows 11 24H2 now works with Easy Anti-Cheat (Fortnite), won’t cause BSODs anymore

Microsoft: Windows 11 24H2 now works with Easy Anti-Cheat (Fortnite), won’t cause BSODs anymore

How to Restore MSN Homepage Fast

How to Connect to Hilton WiFi

CVE-2025-3907 – Drupal Search API Solr CSRF

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

ToolShell: An all-you-can-eat buffet for threat actors

Tally vs Busy – Accounting Software

CVE-2025-31327 – SAP Field Logistics Manage Logistics Data Tampering Vulnerability

CVE-2025-50056 – Joomla RSMail Reflected Cross-Site Scripting Vulnerability

GNOME 49 Makes Papers a Core App, Replacing Evince

Why developer expertise matters more than ever in the age of AI

Forget Satya Nadella’s Windows Phone fumble, Bill Gates’ “greatest mistake of all time” cost Microsoft $400 billion

CVE-2025-5505 – TOTOLINK A3002RU Cross-Site Scripting Vulnerability in Virtual Server Page

I tried Google’s XR glasses and they already beat my Meta Ray-Bans in 3 ways

CVE-2025-3907 – Drupal Search API Solr CSRF

Related Posts