CVE-2026-13238

CVE-2026-13238CVE-2026-13238

Description

Incorrect Authorization vulnerability in Drupal Commerce Realex / Global Payments allows Forceful Browsing. This issue affects Commerce Realex / Global Payments versions: from 0.0.0 to 3.0.2.

Scoring

Last modified2026-07-10
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.