Project:
Date:
2023-June-28
Vulnerability:
Cross Site Request Forgery
Affected versions:
>=2.2.0 <2.2.2
Description:
This module provides integration with Mailchimp, a popular email delivery service.
A route related to OAuth authentication is not protected against a Cross Site Request Forgery attack.
Solution:
Install the latest version:
- If you use the mailchimp module for Drupal 8.x, upgrade to mailchimp 2.2.2
Reported By:
- Heine of the Drupal Security Team
Fixed By:
Coordinated By:
- Heine of the Drupal Security Team
- Greg Knaddison of the Drupal Security Team
