Drupal Language File Parsing Exposes Env Vars
CVE-2023-40626 Published on November 29, 2023

[20231101] - Core - Exposure of environment variables
The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information.

Vendor Advisory NVD

Products Associated with CVE-2023-40626

stack.watch emails you whenever new vulnerabilities are published in Joomla or Drupal. Just hit a watch button to start following.

Joomla

Drupal

Affected Versions

Joomla! Project Joomla! CMS:

Version 1.6.0-4.4.0 is affected.
Version 5.0.0 is affected.

Exploit Probability

EPSS

0.03%

Percentile

8.87%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Drupal Language File Parsing Exposes Env VarsCVE-2023-40626 Published on November 29, 2023

Products Associated with CVE-2023-40626

Affected Versions

Exploit Probability

Drupal Language File Parsing Exposes Env Vars
CVE-2023-40626 Published on November 29, 2023