Cross-Site Request Forgery (CSRF) vulnerability in Drupal Automated Logout allows Cross Site Request Forgery.This issue affects Automated Logout: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.2.

Description

Affected Products

Vendor	Product	Versions
Drupal	Automated Logout	1.6.x, 2.0.1

References

https://www.drupal.org/sa-contrib-2026-030

Related News (1 articles)

Tier C

VulDB2h ago

CVE-2026-4393 | Automated Logout up to 1.6.x/2.0.1 on Drupal cross-site request forgery (sa-contrib-2026-030)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

CWECWE-352

Published3/26/2026

Last enriched27m agov2

Trending Score20

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Version History

Last enriched 27m ago

v2Tier C27m ago

Updated vendor to Drupal, product to Automated Logout, added affected versions 1.6.x and 2.0.1, and changed severity to HIGH.

vendorproductaffectedVersions

via VulDB

v12h ago

Initial creation