CVE-2026-8492

LOW

Translate Drupal with GTranslate - Less critical - DOM clobbering / link manipulation - SA-CONTRIB-2026-035

Title source: cna

Description

Modification of Assumed-Immutable Data (MAID) vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drupal with GTranslate: from 0.0.0 before 3.0.5.

References (1)

Core 1

Core References

https://www.drupal.org/sa-contrib-2026-035

Scores

CVSS v3 2.7

EPSS 0.0003

EPSS Percentile 7.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-471

Status published

Products (1)

Drupal/Translate Drupal with GTranslate 0.0.0 - 3.0.5

Published May 19, 2026

Tracked Since May 20, 2026