HomePentest-Tools.com Logo

Drupal 8.0 < 9.3.19, 9.4.0 < 9.4.3 Access Bypass (SA-CORE-2022-013) - Windows CVE-2022-25278

Severity
CVSSv3 Score
6.5
Vulnerability description

Drupal is prone to an access bypass vulnerability.

Risk description

Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to.

Recommendation

Update to version 9.3.19, 9.4.3 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Apr 26, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available