Object Injection Vulnerability in Drupal ECA: Event - Condition - Action
CVE-2026-15083
Currently unrated
What is CVE-2026-15083?
The vulnerability in Drupal's ECA: Event - Condition - Action allows an attacker to manipulate object attributes improperly, leading to potential object injection. This affects versions 0.0.0 to 2.1.20, 3.0.0 to 3.0.12, and 3.1.0 to 3.1.4. Users are advised to assess their installation and apply the necessary updates to mitigate risks associated with this vulnerability.
Affected Version(s)
ECA: Event - Condition - Action 0.0.0 < 2.1.20
ECA: Event - Condition - Action 3.0.0 < 3.0.12
ECA: Event - Condition - Action 3.1.0 < 3.1.4
