CNNVD-202602-561 Information
Feb 04, 2026
cve
CNNVD ID
CNNVD-202602-561
Related CVE
- CNNVD Published: 2026-02-04
Description (Chinese)
Drupal Central Authentication System Server是Drupal公司的一个CAS认证中心模块。 Drupal Central Authentication System Server 2.0.3之前版本和2.1.2之前版本存在安全漏洞,该漏洞源于XML注入,可能导致权限提升。
Description (English)
Drupal Central Authority System Server is a CAS accreditation centre module for Drupal. There is a security loophole in previous versions of Drupal Central Administration System Server 2.0.3 and before 2.1.2, which originates from an XML injection, which may lead to increased access.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Drupal
Published
2026-02-04
Last Modified
2026-02-24
References
https://www.drupal.org/sa-contrib-2026-007
Patch
https://www.drupal.org/sa-contrib-2026-007
Share on: