Drupal · Drupal Core · CVE-2022-25271
**Name of the Vulnerable Software and Affected Versions**
Drupal core (affected versions not specified)
**Description**
The issue is related to insufficient input validation in the Drupal core's form API, which may allow an attacker to inject disallowed values or overwrite data. This could potentially enable the alteration of critical or sensitive data, although affected forms are uncommon. The vulnerability can be exploited by sending specially crafted input to the Drupal core's form API.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.