CNNVD-202601-4675 Information

Jan 28, 2026 cve

CNNVD ID

CNNVD-202601-4675

CVE-2025-14840

CNNVD Published: 2026-01-28

Description (Chinese)

Drupal HTTP Client Manager是Drupal社区的一个HTTP客户端管理插件。 Drupal HTTP Client Manager 9.3.13之前版本、10.0.2之前版本和11.0.1之前版本存在安全漏洞，该漏洞源于异常条件检查不当，可能导致强制浏览。

Description (English)

Drupal HTTP Clinic Manager is a HTTP client management plugin for the Drupal community. There is a security loophole in the previous versions of Drupal HTTP Clinic Manager 9.3.13, 10.0.2 and 11.01, which stems from inadequate inspection of abnormal conditions and may lead to forced browsing.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2026-01-28

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-126

Patch

https://www.drupal.org/sa-contrib-2025-126

Share on: