CVE-2026-55806
N/A
N/A
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Drupal Drupal core allows Content Spoofing. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0., from 0.0.0 to 11.1..
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Drupal | Drupal core | 0.0.0 < 10.5.12 | affected |
| Drupal | Drupal core | 10.6.0 < 10.6.11 | affected |
| Drupal | Drupal core | 11.2.0 < 11.2.14 | affected |
| Drupal | Drupal core | 11.3.0 < 11.3.12 | affected |
| Drupal | Drupal core | 0.0.0 < 11.0.* | affected |
| Drupal | Drupal core | 0.0.0 < 11.1.* | affected |
Weaknesses
- CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.