CNNVD-202601-4687 Information
Jan 28, 2026
cve
CNNVD ID
CNNVD-202601-4687
Related CVE
- CNNVD Published: 2026-01-28
Description (Chinese)
Drupal CKEditor 5 Premium Features是Drupal社区的一个编辑器扩展模块。 Drupal CKEditor 5 Premium Features存在安全漏洞,该漏洞源于使用替代路径或通道绕过身份验证,可能导致功能绕过。以下版本受到影响:1.2.10之前版本、1.3.6之前版本、1.4.3之前版本、1.5.1之前版本和1.6.4之前版本。
Description (English)
Drupal CKEditor 5 Premium Features is an editor extension module for the Drupal community. There is a security loophole in Drupal CKEditor 5 Premium Features, which stems from the use of alternative paths or channels to bypass identification, which may result in a functional bypass. The following versions were affected: 1.2.10, 1.3.6, 1.4.3, 1.5.1 and 1.6.4.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Drupal
Published
2026-01-28
Last Modified
2026-02-24
References
https://www.drupal.org/sa-contrib-2025-118
Patch
https://www.drupal.org/sa-contrib-2025-118
Share on: