CNNVD-202508-1888 Information

CNNVD ID

CNNVD-202508-1888

Related CVE

CVE-2025-8996

• CNNVD Published: 2025-08-15

Description (Chinese)

Drupal Layout Builder Advanced Permissions是Drupal社区的一个权限控制扩展工具。 Drupal Layout Builder Advanced Permissions 2.2.0之前版本存在安全漏洞，该漏洞源于缺少授权，可能导致强制浏览。

Description (English)

Drupal Layout Builder Advanced Missions is a rights-control extension tool for the Drupal community. There was a security loophole in the pre-Drupal Layout Builder Advanced Personnel 2.2.0 version, which stemmed from a lack of authorization and could lead to forced browsing.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2025-08-15

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-097 https://vigilance.fr/vulnerability/Drupal-Layout-Builder-Advanced-Permissions-read-write-access-via-Adding-Sections-47976 https://nvd.nist.gov/vuln/detail/CVE-2025-8996

Patch

https://www.drupal.org/project/layout_builder_perms/releases