NextGuard
UNKNOWNCVE-2022-25271

Improper input validation in Drupal core

Platform

drupal

Component

drupal

Fixed in

9.3.6

View on NVD

Drupal core's form API has a vulnerability where certain contributed or custom modules' forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.

How to fix

Actualice Drupal core a la última versión. Específicamente, actualice a la versión 9.3.6, 9.2.13 o 7.88, dependiendo de la versión de Drupal que esté utilizando. Esto corregirá la vulnerabilidad de validación de entrada en la API de formularios.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free
CVE-2022-25271 — Vulnerability Details | NextGuard | NextGuard