CVE-2026-4393
Automated Logout - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-030
CVSS Score
4.3
EPSS Score
0.0%
EPSS Percentile
1th
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2.
| CWE | CWE-352 |
| Vendor | drupal |
| Product | automated logout |
| Ecosystems | |
| Industries | WebMedia |
| Published | Mar 26, 2026 |
| Last Updated | Mar 30, 2026 |
Stay Ahead of the Next One
Get instant alerts for drupal automated logout
Be the first to know when new medium vulnerabilities affecting drupal automated logout are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Drupal / Automated Logout
0.0.0 < 1.7.0 2.0.0 < 2.0.2
Credits
Pierre Rudloff (prudloff) Ajit Shinde (ajits) Jakob P (japerry) Gareth Alexander (the_g_bomb) Greg Knaddison (greggles) Juraj Nemec (poker10) Jess (xjm)