What is CVE-2020-13668?

CVE-2020-13668 is a vulnerability in Drupal Core. Published 2022-02-11.

Is CVE-2020-13668 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Drupal Core

CVE-2020-13668

Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x ver…

EPSS: 0.002 (45.0th percentile) — read the EPSS interpretation.

Affected products

Drupal Core — versions 8.8.x, 8.9.x, 9.0.x

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

www.drupal.org/sa-core-2020-009 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-13668?: CVE-2020-13668 is a vulnerability in Drupal Core. Published 2022-02-11.
Is CVE-2020-13668 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.