CVE-2026-15083

Summary

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal ECA: Event - Condition - Action allows Object Injection. This issue affects ECA: Event - Condition - Action versions: from 0.0.0 to 2.1.20, from 3.0.0 to 3.0.12, from 3.1.0 to 3.1.4.

Affected Software

VendorProductVersion RangeStatus
DrupalECA: Event - Condition - Action0.0.0 < 2.1.20affected
DrupalECA: Event - Condition - Action3.0.0 < 3.0.12affected
DrupalECA: Event - Condition - Action3.1.0 < 3.1.4affected

Weaknesses

  • CWE-915: CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes

References