CVE-2025-14472
Published: 28 January 2026
Summary
CVE-2025-14472 is a high-severity CSRF (CWE-352) vulnerability in Acquia Acquia Content Hub. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 3.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-14472 is a Cross-Site Request Forgery (CSRF) vulnerability, classified under CWE-352, in the Acquia Content Hub module for Drupal. It affects Acquia Content Hub versions from 0.0.0 before 3.6.4 and from 3.7.0 before 3.7.3. The vulnerability has a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N), indicating high severity due to network accessibility, low attack complexity, no required privileges, and user interaction.
Attackers can exploit this CSRF flaw remotely without authentication by crafting malicious web content, such as a webpage, image, or link, that triggers unauthorized requests from a victim's browser to the vulnerable Drupal site. This requires the victim to be an authenticated user with a session active. Successful exploitation enables high confidentiality and integrity impacts, allowing attackers to perform state-changing actions on behalf of the user, such as data exfiltration or unauthorized modifications.
The Drupal security advisory at https://www.drupal.org/sa-contrib-2025-125 details the issue. Mitigation requires updating Acquia Content Hub to version 3.6.4 or later in the 3.x series, or 3.7.3 or later in the 3.7.x series.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-206434
Vulnerability details
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia Content Hub allows Cross Site Request Forgery.This issue affects Acquia Content Hub: from 0.0.0 before 3.6.4, from 3.7.0 before 3.7.3.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CSRF vulnerability in public-facing Drupal web module directly enables exploitation of the application over the network with user interaction to perform unauthorized state changes.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates CSRF by requiring mechanisms such as synchronizer tokens or origin checks to protect the authenticity of communications sessions.
Ensures timely remediation of the specific CSRF vulnerability in Acquia Content Hub by applying patches to fixed versions 3.6.4 or 3.7.3.
Addresses CSRF by validating information inputs like referer headers or request origins to reject forged state-changing requests.