EUVD-2026-16420

In the Drupal 7 Internationalization i18n module, the i18nnode submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls an...

CVE-2026-0748

A flaw was found in the Drupal 7 Internationalization i18n module, specifically within its i18nnode submodule. A user possessing both "Translate content" and "Administer content translations" permissions can exploit this vulnerability. By utilizing the translation user interface UI and its...

CVE-2026-0748

In the Drupal 7 Internationalization i18n module, the i18nnode submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls an...

CVE-2026-0748

CVE-2026-0748 affects the Drupal 7 Internationalization (i18n) module, specifically the i18n_node submodule. The vulnerability allows a user who has both Translate content and Administer content translations permissions to view and attach unpublished nodes via the translation UI and its autocompl...

CVE-2026-0748 Access bypass in Drupal 7 i18n_node translation UI

In the Drupal 7 Internationalization i18n module, the i18nnode submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls an...

CVE-2026-0748

In the Drupal 7 Internationalization i18n module, the i18nnode submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls an...

PT-2026-28309

Name of the Vulnerable Software and Affected Versions Drupal versions 7.x-1.0 through 7.x-1.35 Description The Internationalization i18n module’s i18n node submodule in Drupal allows a user possessing both “Translate content” and “Administer content translations” permissions to view and attach...

Drupal Internationalization module 安全漏洞

The Drupal Internationalization module is a multilingual content management and localization support module provided by the Drupal company. Versions of the Drupal Internationalization module prior to 7.x-1.35 contained security vulnerabilities. These vulnerabilities stemmed from the i18nnode...

DRUPAL-CONTRIB-2026-029

This module creates permissions per node content type to control access to unpublished nodes per content type. The module does not consistently control access for unpublished translated nodes...

PT-2026-28676

Name of the Vulnerable Software and Affected Versions Drupal versions prior to 1.7.0 Description An incorrect authorization issue exists in Drupal’s Unpublished Node Permissions, allowing forceful browsing. The problem relates to inconsistent access control for unpublished translated nodes. The...

Unpublished Node Permissions - Critical - Access bypass - SA-CONTRIB-2026-029

This module creates permissions per node content type to control access to unpublished nodes per content type. The module does not consistently control access for unpublished translated nodes...

EUVD-2009-0386

Malware in sbrugna...

EUVD-2010-1575

Malware in sbrugna...

EUVD-2012-4402

Malware in sbrugna...

CVE-2009-0382

Unspecified vulnerability in Internationalization i18n Translation 5.x before 5.x-2.5, a module for Drupal, allows remote attackers with "translate node" permissions to bypass intended access restrictions and read unpublished nodes via unspecified vectors...

DRUPAL-CONTRIB-2022-056

This module enables you to set content permissions based on taxonomy terms. The module doesn't sufficiently restrict access to translated and unpublished nodes. This vulnerability is mitigated by the fact that it only affects sites with translated content...

DRUPAL-CONTRIB-2020-032

The Group module enables you to hand out permissions on a smaller subset, section or community of your website. With the 1.1 security release, new code was introduced to ensure proper access for all entity types, but a mistake introduced unexpected access to unpublished nodes...

Group - Moderately critical - Information disclosure - SA-CONTRIB-2020-032

The Group module enables you to hand out permissions on a smaller subset, section or community of your website. With the 1.1 security release, new code was introduced to ensure proper access for all entity types, but a mistake introduced unexpected access to unpublished nodes...

Permissions by Term - Moderately critical - Access bypass - SA-CONTRIB-2019-068

This module enables you to control access to content based on taxonomy terms. The module doesn't sufficiently check if a given entity should be access controlled, defaulting to allowing access even to unpublished nodes. The vulnerability is mitigated by the fact that the submodule Permissions by...

DRUPAL-CONTRIB-2019-067

This module allows you to attach tabular data to an entity. There is insufficient access checking for users with the ability to "Export Tablefield Data as CSV". They can export data from unpublished nodes or otherwise inaccessible entities. This vulnerability is mitigated by the fact that an...