Auth bypass in Drupal Advanced Content Feedback (Aka Admin_feedback)
CVE-2026-13232
Incorrect Authorization vulnerability in Drupal Advanced Content Feedback (aka admin_feedback) allows Forceful Browsing. This issue affects Advanced Content Feedback (aka admin_feedback) versions: from 0.0.0 to 2.8.0.
Vulnerability class: Broken Access Control
Affected products
- Drupal Advanced Content Feedback (Aka Admin_feedback) — versions 0.0.0