Platform: drupal
Component: drupal
Fixed in: 3.6.4, 3.7.3, 3.6.5
CVE-2025-14472 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in Drupal Acquia Content Hub. A successful exploit allows an attacker to perform unauthorized actions on behalf of an authenticated user, potentially leading to data modification or system compromise. This vulnerability affects versions 3.7.0 through 3.7.3 of Acquia Content Hub and is addressed in version 3.6.4 and later.
The CSRF vulnerability in Drupal Acquia Content Hub allows an attacker to trick a logged-in user into unknowingly executing malicious actions. For example, an attacker could craft a malicious link or embed it in an email, causing the user's browser to send a forged request to the server. This could result in unauthorized content creation, modification, or deletion, impacting the integrity of the content hub. The blast radius extends to any user with access to the Acquia Content Hub, as their actions could be hijacked. Successful exploitation could also lead to privilege escalation if the user has administrative rights.
CVE-2025-14472 was publicly disclosed on 2026-01-28. There are currently no known public proof-of-concept exploits available. The vulnerability is not listed on the CISA KEV catalog as of this writing. The potential for exploitation remains, particularly given the widespread use of Drupal and Acquia Content Hub.
Exploit Status
EPSS: 0.02% (5th percentile)
CVSS Vector
The primary mitigation for CVE-2025-14472 is to upgrade Acquia Content Hub to version 3.6.4 or later, which contains the fix. If immediate upgrading is not possible, implement strict input validation and output encoding to prevent the injection of malicious scripts. Consider using a Web Application Firewall (WAF) with CSRF protection rules to filter out suspicious requests. Review and strengthen user access controls to limit the potential impact of a successful attack. After upgrading, verify the fix by attempting to trigger a CSRF attack and confirming that it is blocked.
Update the Acquia Content Hub module to version 3.6.4 or higher, or to version 3.7.3 or higher. This will correct the CSRF vulnerability. You can update the module through the Drupal administration interface or using Composer.
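To confirm which release a site has actually locked, the following added example (not code from the advisory or from the module) reads a composer.lock and compares the installed version with the per-branch minimums named in the update guidance above. The Composer package name `drupal/acquia_contenthub`, the helper names and the sample lock file are assumptions made for illustration.

```python
import json

# Assumption: Composer package name of the Acquia Content Hub module.
PACKAGE = "drupal/acquia_contenthub"
# Minimum fixed release per branch, taken from this page's update guidance.
FIXED = {(3, 6): (3, 6, 4), (3, 7): (3, 7, 3)}


def parse_version(raw):
    """Turn '3.7.1', 'v3.7.1' or '3.7.1-beta2' into (3, 7, 1); None for dev refs."""
    core = raw.lstrip("v").split("-")[0].split("+")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def check_lock(lock_text):
    """Return (status, installed_version) for PACKAGE in a composer.lock."""
    lock = json.loads(lock_text)
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        if pkg.get("name") != PACKAGE:
            continue
        raw = pkg.get("version", "")
        ver = parse_version(raw)
        if ver is None:
            return "unknown", raw  # e.g. dev-3.x: inspect the checkout manually
        floor = FIXED.get(ver[:2])
        if floor is None:
            return "branch-not-listed", raw  # page names no fix for this branch
        return ("fixed" if ver >= floor else "needs-update"), raw
    return "not-installed", None


# Constructed sample lock file, not taken from a real site.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "drupal/core", "version": "10.3.1"},
        {"name": PACKAGE, "version": "3.7.1"},
    ],
    "packages-dev": [],
})

if __name__ == "__main__":
    print(check_lock(SAMPLE_LOCK))
```

A result of `unknown` or `branch-not-listed` means the lock file alone cannot settle the question and the installed code should be checked against the official advisory.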
CVE-2025-14472 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Drupal Acquia Content Hub versions 3.7.0–3.7.3, allowing attackers to perform unauthorized actions.
You are affected if you are using Drupal Acquia Content Hub versions 3.7.0 through 3.7.3. Upgrade to 3.6.4 or later to mitigate the risk.
Upgrade Acquia Content Hub to version 3.6.4 or later. Implement input validation and consider a WAF for added protection.
As of now, there are no confirmed reports of active exploitation, but the vulnerability remains a potential risk.
Refer to the official Drupal security advisory for detailed information and updates: [https://www.drupal.org/security/advisories/cve-2025-14472]