CVE-2025-13082 | Drupal up to 10.4.8/10.5.5/11.1.8/11.2.7 User Interface clickjacking (core-2025-007)

A vulnerability was found in Drupal up to 10.4.8/10.5.5/11.1.8/11.2.7. It has been declared as problematic. Affected by this issue is some unknown functionality of the component User Interface. Such manipulation leads to clickjacking.

This vulnerability is listed as CVE-2025-13082. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More