Home 0.0.0 (semver) before 1.6.0
affected
Description
Missing Authorization vulnerability in Drupal FlowDrop allows Forceful Browsing. This issue affects FlowDrop versions: from 0.0.0 to 1.6.0.
Problem types
Product status
Credits
Aincient Labs (aincient labs)
Shibin Das (d34dman)
Greg Knaddison (greggles)
Neil Drumm (drumm)
Juraj Nemec (poker10)
Dave Long (longwave)
References
www.drupal.org/sa-contrib-2026-067