VYPR
Low severityNVD Advisory· Published Nov 18, 2025· Updated Nov 18, 2025

Drupal core - Moderately critical - Defacement - SA-CORE-2025-007

CVE-2025-13082

Description

User Interface (UI) Misrepresentation of Critical Information vulnerability in Drupal Drupal core allows Content Spoofing.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
drupal/corePackagist
>= 8.0.0, < 10.4.910.4.9
drupal/corePackagist
>= 10.5.0, < 10.5.610.5.6
drupal/corePackagist
>= 11.0.0, < 11.1.911.1.9
drupal/corePackagist
>= 11.2.0, < 11.2.811.2.8

Affected products

3

Patches

Vulnerability mechanics

References

3

News mentions

1