Lucene search
+L

12 matches found

EUVD
EUVD
added 2026/07/11 12:31 a.m.4 views

EUVD-2026-43065

Missing Authorization vulnerability in Drupal Paragraphs allows Forceful Browsing. This issue affects Paragraphs versions: from 0.0.0 to 1.21.0...

6.1AI score0.00159EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 10:16 p.m.5 views

CVE-2026-13241

Missing Authorization vulnerability in Drupal Paragraphs allows Forceful Browsing. This issue affects Paragraphs versions: from 0.0.0 to 1.21.0...

6.5CVSS0.00159EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 9:44 p.m.10 views

CVE-2026-13241

Summary: CVE-2026-13241 describes a Missing Authorization vulnerability in Drupal Paragraphs (affecting Paragraphs 0.0.0 – 1.21.0) compounded by the Paragraphs Library module. The issue allows forceful browsing because access to direct child paragraphs of library items via API endpoints is not su...

6.5CVSS6.1AI score0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 9:44 p.m.31 views

CVE-2026-13240 Paragraphs - Less critical - Access bypass - SA-CONTRIB-2026-060

Missing Authorization vulnerability in Drupal Paragraphs allows Forceful Browsing. This issue affects Paragraphs versions: from 0.0.0 to 1.21.0...

0.00159EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 9:44 p.m.12 views

CVE-2026-13240

CVE-2026-13240 affects Drupal Paragraphs (and Paragraphs Library) with a missing authorization flaw that enables forceful browsing. Affected versions are 0.0.0 through 1.21.0. Root cause: insufficient access checks allowing access to unpublished library items when Paragraphs Library is active (e....

6.5CVSS6.1AI score0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/26 1:34 p.m.15 views

CVE-2025-6677 Paragraphs table - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-084

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Paragraphs table allows Cross-Site Scripting XSS.This issue affects Paragraphs table: from 2.0.0 before 2.0.5...

0.00186EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.6 views

Drupal Paragraphs table 安全漏洞

Drupal Paragraphs table is a table generation tool for the Drupal community. A security vulnerability exists in Drupal Paragraphs table versions prior to 2.0.5 that stems from improper input neutralization and could lead to a cross-site scripting attack...

5.4CVSS5.8AI score0.00186EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/26 12:0 a.m.12 views

PT-2025-26966 · Drupal · Drupal Paragraphs

Name of the Vulnerable Software and Affected Versions: Drupal Paragraphs table versions 2.0.0 through 2.0.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, in the Drupal Paragraphs table. This allows for...

5.4CVSS6.2AI score0.00186EPSS
Exploits0References5
OSV
OSV
added 2025/06/25 6:43 p.m.9 views

DRUPAL-CONTRIB-2025-084

Project Paragraphs table provides a field for a collection table. The module doesn't sufficiently sanitise certain data attributes allowing Cross Site Scripting XSS attacks. This vulnerability is mitigated by the fact that an attacker must have a role with permission to enter HTML tags containing...

5.4CVSS5.9AI score0.00186EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/29 12:0 a.m.7 views

The vulnerability of the Paragraphs module in the Drupal CMS system, related to deficiencies in access control, allows attackers to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the Paragraphs module in the Drupal CMS system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to bypass security restrictions and gain unauthorized access to protected information...

6.5CVSS5.4AI score0.00235EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/09 7:20 p.m.9 views

CVE-2024-13272 Paragraphs table - Critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-036

Insufficient Granularity of Access Control vulnerability in Drupal Paragraphs table allows Content Spoofing.This issue affects Paragraphs table: from 0.0.0 before 1.23.0, from 2.0.0 before 2.0.2...

6.9AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/04 12:0 a.m.7 views

PT-2024-10356 · Drupal · Drupal Paragraphs Table

Name of the Vulnerable Software and Affected Versions: Drupal Paragraphs table versions 0.0.0 through 1.22.0 Drupal Paragraphs table versions 2.0.0 through 2.0.1 Description: The issue is related to insufficient granularity of access control in Drupal Paragraphs table, which allows content...

6.5CVSS7.5AI score0.00235EPSS
Exploits0References5
Rows per page
Query Builder