CNNVD-202511-2039 Information
Nov 18, 2025
cve
CNNVD ID
CNNVD-202511-2039
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
Drupal core是Drupal社区的一套用PHP语言开发的免费、开源的内容管理系统。 Drupal core 10.4.9之前版本、10.5.0版本至10.5.6之前版本、11.0.0版本至11.1.9之前版本和11.2.0版本至11.2.8之前版本存在安全漏洞,该漏洞源于异常条件检查不当,可能导致强制浏览。
Description (English)
Drupal core is a free, open-source content management system developed in the PHP language in the Drupal community. There is a security loophole in previous versions of Drupal core 10.4.9, 10.5.0 to 10.5.6, 11.0.0 to 11.1.9 and 11.2.0 to 11.2.8, which stems from inappropriate inspections of abnormal conditions and may lead to forced browsing.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Drupal
Published
2025-11-18
Last Modified
2026-02-24
References
https://www.drupal.org/sa-core-2025-005
Patch
https://www.drupal.org/project/drupal/releases
Share on: