CVE-2026-13233

Summary

Server-Side Request Forgery (SSRF) vulnerability in Drupal OpenAI Provider allows Server Side Request Forgery. This issue affects OpenAI Provider versions: from 0.0.0 to 1.1.1, from 1.2.0 to 1.2.2.

Affected Software

VendorProductVersion RangeStatus
DrupalOpenAI Provider0.0.0 < 1.1.1affected
DrupalOpenAI Provider1.2.0 < 1.2.2affected

Weaknesses

  • CWE-918: CWE-918 Server-Side Request Forgery (SSRF)

References