CVE-2026-9726

Summary

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal AlternativeCommerce (Basket) allows Object Injection. This issue affects Drupal AlternativeCommerce (Basket) versions: from 0.0.0 to 2.1.17.

Affected Software

VendorProductVersion RangeStatus
DrupalDrupal AlternativeCommerce (Basket)0.0.0 < 2.1.17affected

Weaknesses

  • CWE-915: CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes

References