Incorrect Authorization in Drupal Advanced Content Feedback
CVE-2026-13232
Currently unrated
Key Information:
- Vendor
Drupal
- Vendor
- CVE Published:
- 10 July 2026
What is CVE-2026-13232?
An incorrect authorization vulnerability exists in the Drupal Advanced Content Feedback module, also known as admin_feedback. This flaw allows for forceful browsing, where an attacker may gain access to unauthorized areas of the application. The issue impacts versions ranging from 0.0.0 to 2.8.0, posing significant security risks if left unaddressed. Users are advised to update to the latest version and review their access controls to mitigate potential exploitation.
Affected Version(s)
Advanced Content Feedback (aka admin_feedback) 0.0.0 < 2.8.0
