CVE-2026-55807
N/A
N/A
Summary
Server-Side Request Forgery (SSRF) vulnerability in Drupal Drupal core allows Server Side Request Forgery. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0., from 0.0.0 to 11.1..
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Drupal | Drupal core | 0.0.0 < 10.5.12 | affected |
| Drupal | Drupal core | 10.6.0 < 10.6.11 | affected |
| Drupal | Drupal core | 11.2.0 < 11.2.14 | affected |
| Drupal | Drupal core | 11.3.0 < 11.3.12 | affected |
| Drupal | Drupal core | 0.0.0 < 11.0.* | affected |
| Drupal | Drupal core | 0.0.0 < 11.1.* | affected |
Weaknesses
- CWE-918: CWE-918 Server-Side Request Forgery (SSRF)
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.