Cross-Site Request Forgery Vulnerability in Salesforce Suite by Drupal
CVE-2026-13243

Currently unrated

Key Information:

Vendor

Drupal

Vendor
CVE Published:
10 July 2026

What is CVE-2026-13243?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Salesforce Suite for Drupal, allowing attackers to perform unauthorized actions on behalf of users. This security flaw affects Salesforce Suite versions ranging from 0.0.0 to 5.1.3, potentially compromising user accounts and sensitive data. Users are advised to implement security measures and update their installations to mitigate risks.

Affected Version(s)

Salesforce Suite 0.0.0 < 5.1.3

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Muhammedali Aliyev (swordmein)
Aaron Bauman (aaronbauman)
Neil Drumm (drumm)
Juraj Nemec (poker10)
Pierre Rudloff (prudloff)
.