{"id":"CVE-2026-13243","summary":"Salesforce Suite - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-063","details":"Cross-Site Request Forgery (CSRF) vulnerability in Drupal Salesforce Suite allows Cross Site Request Forgery. This issue affects Salesforce Suite versions: from 0.0.0 to 5.1.3.","aliases":["DRUPAL-CONTRIB-2026-063"],"modified":"2026-07-16T03:31:15.371227955Z","published":"2026-07-10T21:44:55.591Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/13xxx/CVE-2026-13243.json","cna_assigner":"drupal","cwe_ids":["CWE-352"]},"references":[{"type":"WEB","url":"https://git.drupalcode.org/project/salesforce"},{"type":"WEB","url":"https://www.drupal.org/project/salesforce"},{"type":"WEB","url":"https://www.drupal.org/sa-contrib-2026-063"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/13xxx/CVE-2026-13243.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-13243"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.drupalcode.org/project/salesforce","events":[{"introduced":"0"},{"fixed":"4176676bb7d305865be994ce5613ea85a8f9d7c9"}],"database_specific":{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"0.0.0"},{"fixed":"5.1.3"}]}}],"versions":["5.1.3-beta4","5.1.3-beta3","5.1.3-beta2","5.1.3-beta1","5.1.2","5.1.1","5.1.0","5.0.4","5.0.3","5.0.2","5.0.1","5.0.0","5.0.0-beta1","5.0.0-alpha2","8.x-4.2","5.0.0-alpha1","8.x-4.1","8.x-4.0","8.x-4.0-beta4","8.x-4.0-beta3","8.x-4.0-beta2","8.x-4.0-beta1","8.x-3.0","8.x-3.0-rc7","8.x-3.0-rc5","8.x-3.0-rc4","8.x-3.0-rc3","8.x-3.0-rc2","8.x-3.0-rc1","8.x-3.0-beta3","8.x-3.0-beta2","8.x-3.0-beta1","8.x-3.0-alpha3","8.x-3.x-alpha1","7.x-3.0-beta4","7.x-3.0-beta2","7.x-3.0-beta1","7.x-3.0-alpha2","7.x-3.0-alpha1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-13243.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}