CVE-2026-0748 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with both "Translate content" and "Administer content translations" pe…
Medium CVSS: 5.3

CVE-2026-0748

In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls and discloses unpublished node titles and IDs.

Exploit affects versions 7.x-1.0 up to and including 7.x-1.35.
Vendor
Internationalization Project
Product
Internationalization
CWE
CWE-284
Yayın Tarihi
2026-03-26 22:16:27
Güncelleme
2026-04-01 16:22:14
Source Identifier
mlhess@drupal.org
KEV Date Added
-

Kategoriler

CWE-284 Internationalization MEDIUM Internationalization Project 2026

Referanslar

https://d7es.tag1.com/node/86 https://www.herodevs.com/vulnerability-directory/cve-2026-0748 https://www.herodevs.com/vulnerability-directory/cve-2026-0748?nes-for-drupal-7