3 matches found
EUVD-2026-43057
Server-Side Request Forgery SSRF vulnerability in Drupal OpenAI Provider allows Server Side Request Forgery. This issue affects OpenAI Provider versions: from 0.0.0 to 1.1.1, from 1.2.0 to 1.2.2...
CVE-2026-13233
Summary: CVE-2026-13233 is a Server-Side Request Forgery (SSRF) vulnerability in the Drupal OpenAI Provider module. The issue arises because the module does not sufficiently sanitize user-supplied URLs, enabling SSRF. Affected software: Drupal OpenAI Provider module (OpenAI as a provider for the ...
PT-2026-52166
Name of the Vulnerable Software and Affected Versions Drupal OpenAI Provider versions 0.0.0 through 1.1.1 Drupal OpenAI Provider versions 1.2.0 through 1.2.2 Description Insufficient sanitization of user-supplied URLs leads to a Server-Side Request Forgery SSRF, a flaw where an attacker can induc...