Auth bypass in Drupal Paragraphs
CVE-2026-13241
Missing Authorization vulnerability in Drupal Paragraphs allows Forceful Browsing. This issue affects Paragraphs versions: from 0.0.0 to 1.21.0.
Vulnerability class: Broken Access Control
Affected products
- Drupal Paragraphs — versions 0.0.0