2 matches found
CVE-2026-58590
Missing Authorization vulnerability in Drupal FlowDrop allows Forceful Browsing. This issue affects FlowDrop versions: from 0.0.0 to 1.6.0...
CVE-2026-10768
Summary: CVE-2026-10768 is a Missing Authorization vulnerability in Drupal LocalGov Workflows, affecting versions 0.0.0 to 1.6.0, enabling forceful browsing and information disclosure. The root cause is insufficient access restrictions to a view of Service Contacts, which can expose names and con...