CVE-2025-10929
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-30
Last updated on: 2025-12-12
Assigner: Drupal.org
Description
Description
Improper Validation of Consistency within Input vulnerability in Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables.This issue affects Reverse Proxy Header: from 0.0.0 before 1.1.2.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| reverse_proxy_header_project | reverse_proxy_header | to 1.1.2 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1288 | The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Validation of Consistency within Input issue in the Drupal Reverse Proxy Header. It allows an attacker to manipulate user-controlled variables by exploiting how the Reverse Proxy Header processes input, potentially leading to unexpected behavior or security risks.
How can this vulnerability impact me? :
The vulnerability can allow attackers to manipulate user-controlled variables, which may lead to unauthorized access, data manipulation, or other security issues depending on how the affected system uses the Reverse Proxy Header.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70