What the vulnerability does
01Description
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1.
Explanation of Vulnerability in Simple Terms
02Summary
A vulnerability in the Drupal HTTP Client Manager module versions before 9.3.13 allows an attacker to cause an error condition. The exact nature of the vulnerability and its impact are not fully documented in available metadata. Site administrators should update to version 9.3.13 or later to address this issue.
What an attacker can do
03Attacker Capabilities
Trigger an error condition in the HTTP Client Manager module.
Potential impact on your site
04Site Impact
Your site may experience errors or unexpected behavior from the HTTP Client Manager module.
Conditions required to exploit
05Prerequisites
Access to a Drupal site running an affected version of the module.
Key dates
06Disclosure timeline
January 28, 2026
CVE published
January 29, 2026
Record updated