CVE-2025-13083
LOWDescription
Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8, from 7.0 before 7.103.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| drupal | drupal |
| drupal | drupal |
| drupal | drupal |
| drupal | drupal |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-13083? +
How severe is CVE-2025-13083? +
What products are affected by CVE-2025-13083? +
How do I check if I'm vulnerable to CVE-2025-13083? +
Related Vulnerabilities
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In Auth0 Next.js SDK versions 4.0.1 …
IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on …
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V4.0). The affected applications stores sensitive information in …
The Document Library and the Adaptive Media modules in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay …
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic …
@astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting a static js/css resources from …