2 matches found
CVE-2026-3526 File Access Fix (deprecated) - Moderately critical - Access bypass - SA-CONTRIB-2026-021
Incorrect Authorization vulnerability in Drupal File Access Fix deprecated allows Forceful Browsing.This issue affects File Access Fix deprecated: from 0.0.0 before 1.2.0...
CVE-2026-3525
The CVE-2026-3525 issue affects Drupal File Access Fix (deprecated) prior to version 1.2.0. The root cause is an incorrect authorization check that enables forceful browsing, potentially permitting access to sensitive files or resources. Red Hat and ENISA entries describe an improper file access ...