Lucene search

K
osvGoogleOSV:CVE-2022-25271
HistoryFeb 16, 2022 - 11:15 p.m.

CVE-2022-25271

2022-02-1623:15:11
Google
osv.dev
16
drupal core
form api
vulnerability
input validation

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

55.6%

Drupal core’s form API has a vulnerability where certain contributed or custom modules’ forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or sensitive data.

AI Score

7.4

Confidence

High

EPSS

0.002

Percentile

55.6%