Cross-Site Request Forgery Vulnerability in Ray Enterprise Translation by Drupal
CVE-2026-15080

Currently unrated

Key Information:

Vendor

Drupal

Vendor
CVE Published:
10 July 2026

What is CVE-2026-15080?

A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Ray Enterprise Translation module for Drupal, allowing attackers to perform unauthorized actions on behalf of users without their consent. This vulnerability affects specific versions of the module and can be exploited if users are tricked into clicking malicious links or interacting with compromised sites while authenticated. It’s crucial for users and administrators of affected versions to apply the necessary updates to mitigate potential risks to their applications.

Affected Version(s)

Ray Enterprise Translation 0.0.0 < 4.0.4

Ray Enterprise Translation 4.1.0 < 4.1.4

Ray Enterprise Translation 11.0.0 < 11.0.4

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Pierre Rudloff (prudloff)
Naresh Bavaskar (naresh_bavaskar)
Greg Knaddison (greggles)
Juraj Nemec (poker10)
Pierre Rudloff (prudloff)
.