Incorrect Authorization in Drupal Commerce Realex / Global Payments
CVE-2026-13238
Currently unrated
Key Information:
- Vendor
Drupal
- Vendor
- CVE Published:
- 10 July 2026
What is CVE-2026-13238?
An incorrect authorization vulnerability exists in Drupal Commerce Realex / Global Payments, which allows attackers to engage in forceful browsing. This can lead to unauthorized access, granting users the ability to access restricted functionalities or data. It affects versions from 0.0.0 to 3.0.2. Immediate updates are recommended to mitigate risks associated with this issue.
Affected Version(s)
Commerce Realex / Global Payments 0.0.0 < 3.0.2
