ГлавнаяУязвимости → CVE-2026-13238
4.8средняя

CVE-2026-13238

Описание

Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2.

CVSS
Балл4.8 — средняя
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Источники
https://www.drupal.org/sa-contrib-2026-058