CVE-2024-13272

CVE-2024-13272: Paragraphs table - Critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-036

Vendor Drupal
Product Paragraphs table
Weakness CWE-1220
Published January 9, 2025
Last update January 14, 2025

CVSS base score

What the vulnerability does

01Description

Insufficient Granularity of Access Control vulnerability in Drupal Paragraphs table allows Content Spoofing.This issue affects Paragraphs table: from 0.0.0 before 1.23.0, from 2.0.0 before 2.0.2.

Key dates

02Disclosure timeline

January 9, 2025 CVE published
January 14, 2025 Record updated