ГлавнаяУязвимости → CVE-2026-13236
4.2средняя

CVE-2026-13236

Описание

Missing Authorization vulnerability in Drupal AI Agents allows Forceful Browsing. This issue affects AI Agents versions: from 0.0.0 to 1.1.4, from 1.2.0 to 1.2.5, from 1.3.0 to 1.3.1.

CVSS
Балл4.2 — средняя
ВекторCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Источники
https://www.drupal.org/sa-contrib-2026-056