{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4393", "assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "state": "PUBLISHED", "assignerShortName": "drupal", "dateReserved": "2026-03-18T15:21:32.561Z", "datePublished": "2026-03-26T20:10:40.090Z", "dateUpdated": "2026-03-30T14:54:29.743Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "shortName": "drupal", "dateUpdated": "2026-03-26T20:10:40.090Z"}, "title": "Automated Logout - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-030", "datePublic": "2026-03-18T16:10:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-62", "descriptions": [{"lang": "en", "value": "CAPEC-62 Cross Site Request Forgery"}]}], "affected": [{"vendor": "Drupal", "product": "Automated Logout", "collectionURL": "https://www.drupal.org/project/autologout", "repo": "https://git.drupalcode.org/project/autologout", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "1.7.0", "versionType": "semver"}, {"status": "affected", "version": "2.0.0", "lessThan": "2.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.<p>This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2.</p>"}]}], "references": [{"url": "https://www.drupal.org/sa-contrib-2026-030"}], "credits": [{"lang": "en", "value": "Pierre Rudloff (prudloff)", "type": "finder"}, {"lang": "en", "value": "Ajit Shinde (ajits)", "type": "remediation developer"}, {"lang": "en", "value": "Jakob P (japerry)", "type": "remediation developer"}, {"lang": "en", "value": "Gareth Alexander (the_g_bomb)", "type": "remediation developer"}, {"lang": "en", "value": "Greg Knaddison (greggles)", "type": "coordinator"}, {"lang": "en", "value": "Juraj Nemec (poker10)", "type": "coordinator"}, {"lang": "en", "value": "Jess (xjm)", "type": "coordinator"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T14:42:26.474983Z", "id": "CVE-2026-4393", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T14:54:29.743Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-4393", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-30T14:42:26.474983Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T14:43:17.003Z"}}], "cna": {"title": "Automated Logout - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-030", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Pierre Rudloff (prudloff)"}, {"lang": "en", "type": "remediation developer", "value": "Ajit Shinde (ajits)"}, {"lang": "en", "type": "remediation developer", "value": "Jakob P (japerry)"}, {"lang": "en", "type": "remediation developer", "value": "Gareth Alexander (the_g_bomb)"}, {"lang": "en", "type": "coordinator", "value": "Greg Knaddison (greggles)"}, {"lang": "en", "type": "coordinator", "value": "Juraj Nemec (poker10)"}, {"lang": "en", "type": "coordinator", "value": "Jess (xjm)"}], "impacts": [{"capecId": "CAPEC-62", "descriptions": [{"lang": "en", "value": "CAPEC-62 Cross Site Request Forgery"}]}], "affected": [{"repo": "https://git.drupalcode.org/project/autologout", "vendor": "Drupal", "product": "Automated Logout", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "1.7.0", "versionType": "semver"}, {"status": "affected", "version": "2.0.0", "lessThan": "2.0.2", "versionType": "semver"}], "collectionURL": "https://www.drupal.org/project/autologout", "defaultStatus": "unaffected"}], "datePublic": "2026-03-18T16:10:00.000Z", "references": [{"url": "https://www.drupal.org/sa-contrib-2026-030"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2.", "supportingMedia": [{"type": "text/html", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.<p>This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "shortName": "drupal", "dateUpdated": "2026-03-26T20:10:40.090Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4393", "state": "PUBLISHED", "dateUpdated": "2026-03-30T14:54:29.743Z", "dateReserved": "2026-03-18T15:21:32.561Z", "assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387", "datePublished": "2026-03-26T20:10:40.090Z", "assignerShortName": "drupal"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ajk:automated_logout:*:*:*:*:*:drupal:*:*", "matchCriteriaId": "ACFAF8A2-B596-4E9B-A530-EDB142370F71", "versionEndExcluding": "2.0.2", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ajk:automated_logout:*:*:*:*:*:drupal:*:*", "matchCriteriaId": "A9EF10FF-13A1-41B7-804F-740951533411", "versionEndExcluding": "8.x-1.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2."}, {"lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en Drupal Automated Logout permite la falsificaci\u00f3n de petici\u00f3n en sitios cruzados. Este problema afecta a Automated Logout: de 0.0.0 anterior a 1.7.0, de 2.0.0 anterior a 2.0.2."}], "id": "CVE-2026-4393", "lastModified": "2026-04-01T16:16:59.407", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-26T21:17:10.220", "references": [{"source": "mlhess@drupal.org", "tags": ["Vendor Advisory"], "url": "https://www.drupal.org/sa-contrib-2026-030"}], "sourceIdentifier": "mlhess@drupal.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "mlhess@drupal.org", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,1.7.0)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.0.0,2.0.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Automated Logout", "source": "cna", "vendor": "Drupal"}, "product": "automated_logout", "vendor": "drupal"}], "analysis": {"en": {"generated_at": "2026-03-30T16:26:26.952344+00:00", "value": {"mitigation_remediation": ["Upgrade the Automated Logout module to v1.7.0 or later (for the 0.x series) or to v2.0.2 or later (for the 2.x series).", "If an upgrade is not immediately possible, disable the Automated Logout module to prevent unintended logout actions.", "Monitor system logs for unexpected logout requests originating from external URLs.", "Check the Drupal project website for any additional advisories or updates."], "summary": {"action": "Apply Patch", "impact": "Unauthorized Logout via CSRF"}, "threat_synthesis": {"affected_systems": "Drupal installations that use the Automated Logout module are impacted. Versions earlier than 1.7.0 for the 0.x series and earlier than 2.0.2 for the 2.x series contain the flaw. No other vendors or products are listed.", "description_and_impact": "The Drupal Automated Logout module contains a Cross\u2011Site Request Forgery flaw that enables an attacker to force logged\u2011in users to log out without authorization. By crafting a malicious link or embedding the logout URL into a third\u2011party page, an adversary can trigger a logout request when a victim visits that page. This denial of session can lead to lost work, interrupted workflows, and potential chaining with other vulnerabilities if a user must re\u2011authenticate.", "risk_and_exploitability": "The CVSS score is 4.3, indicating moderate severity. EPSS indicates a very low likelihood of exploitation (<1%). The vulnerability is not included in CISA\u2019s KEV catalog. Exploitation requires a victim to click a crafted link or visit an infected site, so it relies on user interaction and social engineering. The risk to organizations is low but should not be ignored, especially in environments where user sessions are critical."}}}}, "created": "2026-03-27T08:32:07.106368+00:00", "updated": "2026-03-30T20:57:28.154234+00:00", "vendors": ["drupal", "drupal$PRODUCT$automated_logout"]}