wid-sec-w-2026-2080
·
Published 2026-06-24
·
View on BSI CERT-Bund ↗
Drupal: Multiple Vulnerabilities
CVSS N/A
NONE
Risk Summary
Ein Angreifer kann mehrere Schwachstellen in Drupal ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um einen Cross-Site Scripting Angriff durchzuführen, um Informationen offenzulegen, um einen SQL-Injection Angriff durchzuführen, und um Daten zu manipulieren.
Affected Vendors
Open Source
Affected Products (29)
Open Source
·
Drupal
Advanced Content Feedback <2.8.0
Open Source
·
Drupal
Advanced Content Feedback 2.8.0
Open Source
·
Drupal
OpenAI Provider <1.1.1
Open Source
·
Drupal
OpenAI Provider 1.1.1
Open Source
·
Drupal
OpenAI Provider <1.2.2
Open Source
·
Drupal
OpenAI Provider 1.2.2
Open Source
·
Drupal
AI <1.2.17
Open Source
·
Drupal
AI 1.2.17
Open Source
·
Drupal
AI <1.3.8
Open Source
·
Drupal
AI 1.3.8
Open Source
·
Drupal
AI <1.4.3
Open Source
·
Drupal
AI 1.4.3
Open Source
·
Drupal
AI Agents <1.1.4
Open Source
·
Drupal
AI Agents 1.1.4
Open Source
·
Drupal
AI Agents <1.2.5
Open Source
·
Drupal
AI Agents 1.2.5
Open Source
·
Drupal
AI Agents <1.3.1
Open Source
·
Drupal
AI Agents 1.3.1
Open Source
·
Drupal
Commerce Realex / Global Payments <3.0.2
Open Source
·
Drupal
Commerce Realex / Global Payments 3.0.2
Open Source
·
Drupal
WissKI <4.2.0
Open Source
·
Drupal
WissKI 4.2.0
Open Source
·
Drupal
Paragraphs <1.21.0
Open Source
·
Drupal
Paragraphs 1.21.0
Open Source
·
Drupal
Geolocation Field <3.15.0
Open Source
·
Drupal
Geolocation Field 3.15.0
Open Source
·
Drupal
Salesforce Suite <5.1.3
Open Source
·
Drupal
Salesforce Suite 5.1.3
Open Source
·
Drupal
Tealium iQ Tag Management
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more