URL Redirection Vulnerability in Drupal Core by Drupal
CVE-2026-55806
Currently unrated
What is CVE-2026-55806?
A URL Redirection vulnerability in Drupal core allows attackers to redirect users to untrusted sites, leading to potential content spoofing. This security issue impacts a range of Drupal core versions, compromising user trust and data integrity. Patch your installations promptly to mitigate risks and secure your web applications.
Affected Version(s)
Drupal core 0.0.0 < 10.5.12
Drupal core 10.6.0 < 10.6.11
Drupal core 11.2.0 < 11.2.14
References
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Melih Acikoz
Michael Winser (michaelwinser)
Willem Drupal enthousiast (willempje2)
Lee Rowlands (larowlan)
catch (catch)
cilefen (cilefen)
Greg Knaddison (greggles)
Lee Rowlands (larowlan)
Dave Long (longwave)
James Gilliland (neclimdul)
Juraj Nemec (poker10)
Jess (xjm)
