Skip to main content

Ray Enterprise Translation

1 CVEs product

Monthly

CVE-2026-15080 PHP MEDIUM PATCH This Month

Cross-Site Request Forgery in the Drupal Ray Enterprise Translation contrib module lets a remote attacker forge state-changing requests that are executed with the privileges of an authenticated victim (typically a site administrator), potentially altering translation configuration and integrations. It affects module versions below 4.0.4, below 4.1.4, and below 11.0.4, and carries a vendor CVSS of 8.8. No public exploit has been identified at time of analysis and the EPSS score is very low (0.12%, 2nd percentile), indicating no observed exploitation activity.

CSRF Ray Enterprise Translation
NVD
CVSS 3.1
4.3
EPSS
0.1%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-Site Request Forgery in the Drupal Ray Enterprise Translation contrib module lets a remote attacker forge state-changing requests that are executed with the privileges of an authenticated victim (typically a site administrator), potentially altering translation configuration and integrations. It affects module versions below 4.0.4, below 4.1.4, and below 11.0.4, and carries a vendor CVSS of 8.8. No public exploit has been identified at time of analysis and the EPSS score is very low (0.12%, 2nd percentile), indicating no observed exploitation activity.

CSRF Ray Enterprise Translation
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy