Drupal Entity Share Incorrect Authorization Vulnerability Allowing Forceful Browsing

Vulnerability

A vulnerability allowing incorrect authorization has been identified in the Drupal Entity Share module, versions 0.0.0 prior to 3.13.0. This issue enables forceful browsing, allowing users to access content or features they should not have permission to.

Impact

Exploitation of this vulnerability could lead to unauthorized access to entities or features, allowing users to bypass normal access controls.

Added: Jan 28, 2026, 8:35 PM

Updated: Jan 28, 2026, 8:35 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

2.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Drupal Entity Share Incorrect Authorization Vulnerability Allowing Forceful Browsing

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating