Missing Authorization vulnerability in Drupal FlowDrop allows Forceful Browsing. This issue affects FlowDrop versions: from 0.0.0 to 1.6.0.
References
| Link | Resource |
|---|---|
| https://www.drupal.org/sa-contrib-2026-068 | Vendor Advisory |
Configurations
History
14 Jul 2026, 18:55
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Flowdrop Project flowdrop
Flowdrop Project |
|
| References | () https://www.drupal.org/sa-contrib-2026-068 - Vendor Advisory | |
| CPE | cpe:2.3:a:flowdrop_project:flowdrop:*:*:*:*:*:drupal:*:* |
13 Jul 2026, 18:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
10 Jul 2026, 22:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-07-10 22:16
Updated : 2026-07-14 18:55
NVD link : CVE-2026-58590
Mitre link : CVE-2026-58590
CVE.ORG link : CVE-2026-58590
JSON object : View
Products Affected
flowdrop_project
- flowdrop
CWE
CWE-862
Missing Authorization
