CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-31684

Cross-Site Request Forgery (CSRF) vulnerability in Drupal OAuth2 Client allows Cross Site Request Forgery.This issue affects OAuth2 Client: from 0.0.0 before 4.1.3.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.0%

CVSS Severity

CVSS v3 Score 6.8

References

https://www.drupal.org/sa-contrib-2025-013

Products affected by CVE-2025-31684

Mskcc » Oauth2 Client » Version: 4.0.0

cpe:2.3:a:mskcc:oauth2_client:4.0.0
Mskcc » Oauth2 Client » Version: 4.0.1

cpe:2.3:a:mskcc:oauth2_client:4.0.1
Mskcc » Oauth2 Client » Version: 4.0.2

cpe:2.3:a:mskcc:oauth2_client:4.0.2
Mskcc » Oauth2 Client » Version: 4.0.3

cpe:2.3:a:mskcc:oauth2_client:4.0.3
Mskcc » Oauth2 Client » Version: 4.0.4

cpe:2.3:a:mskcc:oauth2_client:4.0.4
Mskcc » Oauth2 Client » Version: 4.1.0

cpe:2.3:a:mskcc:oauth2_client:4.1.0
Mskcc » Oauth2 Client » Version: 4.1.1

cpe:2.3:a:mskcc:oauth2_client:4.1.1
Mskcc » Oauth2 Client » Version: 4.1.2

cpe:2.3:a:mskcc:oauth2_client:4.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-31684

Products

Pricing

Contact Us