← Zuruck zu CVEs
CVE-2026-0748
N/ABeschreibung
In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls and discloses unpublished node titles and IDs. Exploit affects versions 7.x-1.0 up to and including 7.x-1.35.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht3/26/2026
Zuletzt geandert3/27/2026
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-284
Referenzen
https://d7es.tag1.com/node/86(mlhess@drupal.org)
https://www.herodevs.com/vulnerability-directory/cve-2026-0748(mlhess@drupal.org)
https://www.herodevs.com/vulnerability-directory/cve-2026-0748?nes-for-drupal-7(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.