CVE-2026-3525

Publication date

2026-03-26 20:02:25

Family

drupal

State

PUBLISHED

Description

Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) allows Forceful Browsing.This issue affects File Access Fix (deprecated): from 0.0.0 before 1.2.0.