CNNVD-202601-4677 Information

CNNVD ID

CNNVD-202601-4677

Related CVE

CVE-2025-13985

• CNNVD Published: 2026-01-28

Description (Chinese)

Drupal Entity Share是Drupal社区的一个内容共享插件。 Drupal Entity Share 3.13.0之前版本存在安全漏洞，该漏洞源于授权不当，可能导致强制浏览。

Description (English)

Drupal Entery Share is a content-sharing plugin for the Drupal community. There was a security loophole in the pre-Drupal Enterprise Share 3.1.30.0 version, which stemmed from inappropriate authorization and could lead to forced browsing.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Drupal

Published

2026-01-28

Last Modified

2026-02-24

References

https://www.drupal.org/sa-contrib-2025-123 https://vigilance.fr/vulnerability/Drupal-Entity-Share-information-disclosure-dated-03-12-2025-48963

Patch

https://www.drupal.org/sa-contrib-2025-123