Drupal Core User Interface Misrepresentation Vulnerability Allowing Content Spoofing

Vulnerability

A vulnerability in Drupal Core related to user interface misrepresentation of critical information has been identified. This issue allows for content spoofing and affects Drupal versions 8.0.0 prior to 10.4.9, 10.5.0 prior to 10.5.6, 11.0.0 prior to 11.1.9, and 11.2.0 prior to 11.2.8.

Impact

Exploitation of this vulnerability could lead to unauthorized content manipulation, allowing attackers to create misleading or harmful content that appears legitimate.

Added: Nov 18, 2025, 5:39 PM

Updated: Nov 18, 2025, 10:28 PM

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

0.6

exploitability

6.5

remediation

0.0

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

0.6

exploitability

6.5

remediation

0.0

relevance

1.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Drupal Core User Interface Misrepresentation Vulnerability Allowing Content Spoofing

Vulnerability

Impact

Affected Products

Drupal

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating