CVE-2025-10929

CVE-2025-10929: Reverse Proxy Header - Less critical - Access bypass - SA-CONTRIB-2025-111

Vendor Drupal
Product Reverse Proxy Header
Weakness CWE-1288
Published October 29, 2025
Last update October 30, 2025

CVSS base score

What the vulnerability does

01Description

Improper Validation of Consistency within Input vulnerability in Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables.This issue affects Reverse Proxy Header: from 0.0.0 before 1.1.2.

Key dates

02Disclosure timeline

October 29, 2025 CVE published
October 30, 2025 Record updated