Security Advisory: Upgrade Migrate Queue Importer Module to Version 2.1.1

Data Securty, Cyber Security

Drupal has issued a security advisory for the Migrate queue importer module, addressing a moderately critical Cross-Site Request Forgery (CSRF) vulnerability. This flaw, reported by Pierre Rudloff, affects versions below 2.1.1 and could allow an attacker to enable or disable cron migrations if they know the migration ID. Users are advised to upgrade to version 2.1.1 to mitigate this risk. The fix was implemented by David Bätge and Pierre Rudloff, with coordination from Greg Knaddison, Juraj Nemec, and Michael Hess of the Drupal Security Team.

Source Reference

URL
https://www.drupal.org/sa-contrib-2024-024?utm_source=dlvr.it&utm_medium=twitter

Disclosure: This content is produced with the assistance of AI.

Note: The vision of this web portal is to help promote news and stories around the Drupal community and promote and celebrate the people and organizations in the community. We strive to create and distribute our content based on these content policy. If you see any omission/variation on this please let us know in the comments below and we will try to address the issue as best we can.

Advertisement Here

Upcoming Events

Latest Opportunities

Advertisement Here