Auth bypass in Drupal Advanced Content Feedback (Aka Admin_feedback)

CVE-2026-13232

Incorrect Authorization vulnerability in Drupal Advanced Content Feedback (aka admin_feedback) allows Forceful Browsing. This issue affects Advanced Content Feedback (aka admin_feedback) versions: from 0.0.0 to 2.8.0.

Vulnerability class: Broken Access Control

Affected products

Weakness classification (CWE)

References