What the vulnerability does
01Description
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing.This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4.
Explanation of Vulnerability in Simple Terms
02Summary
A vulnerability in the Drupal Group invite module versions before 2.3.9 allows an attacker to perform an unspecified action. The exact nature of the vulnerability cannot be determined from available metadata. Site administrators should update to version 2.3.9 or later immediately.
What an attacker can do
03Attacker Capabilities
Perform an unspecified malicious action (exact impact unknown due to missing CVSS data).
Potential impact on your site
04Site Impact
Sites running Group invite module < 2.3.9 are at risk; update immediately to 2.3.9.
Conditions required to exploit
05Prerequisites
Unknown; CVSS vector data is unavailable.
Key dates
06Disclosure timeline
February 4, 2026
CVE published
February 4, 2026
Record updated